Nintendo confirms widespread unauthorised access of NNID accounts
Update: Nintendo of Europe has provided an English statement on their support website. You can see the full text at the end of this article. Original article continues below.
In recent weeks, there have been many reports across the internet of unauthorised purchases happening for Switch users. Today, Nintendo has responded, and the verdict isn’t great.
Nintendo Co. Ltd. has confirmed in a Japanese press release the unauthorised access of over 160,000 NNID accounts starting in early April — that’s accounts that are used for the 3DS and Wii U, and are separate from Nintendo Accounts used on Switch. NNID accounts can, however, be linked to a Switch Nintendo Account, specifically for the purpose of sharing a wallet between Switch, 3DS, and Wii U consoles. Nintendo has now terminated the option to login to a Switch account using an NNID, which had allowed unauthorised purchases to take place on the Switch eShop.
Nintendo has also starting rolling out the automatic resetting of passwords for potentially affected NNIDs and Nintendo Accounts, and suggests users change their passwords to be different from both each other, and from any other account password you use. The company has suggested that users also set up 2-Step Verification on their Nintendo Accounts, which you can do by clicking this link, and unlinking any existing NNID from your Nintendo Account.
Nintendo has said that the information that may have been made available if your account was compromised are your name, date of birth, gender, country/region. and email address. No financial information such as credit card details and PayPal account details have been compromised.