After customers reported unauthorized purchases, Nintendo discovered a cybersecurity incident in which over 160,000 accounts were hacked. Attackers abused a legacy login system to achieve the hacks. Over the past several weeks, Nintendo users have been reporting a surplus of suspicious activities on their accounts. The breach consisted of attackers logging into victims’ accounts and using the payment cards connected to said accounts to make purchases.
On Friday, Nintendo stated that the attackers have been abusing its Nintendo Network ID legacy login system to hack into the accounts, which is primarily used for the Nintendo 3DS and Wii U console. Nintendo stated that the attacks date back to the beginning of April. Although Nintendo did not disclose further information on how hackers accessed accounts, they did state that it was through an illegal means not connected to the company itself.
Read More: Nintendo Confirms Breach of 160,000 Accounts