Helping to share the web since 1996

Nintendo Hack: Are You At Risk?

Ten years ago, we would all have been a lot more guarded about entering our personal information onto a device connected to the internet than we are today. Most of us are old enough to remember the days when every MSN Messenger conversation started with a warning not to include your address, date of birth, or credit card number in any conversation with anyone on the platform. Now we’re happy to use our Facebook accounts to connect with almost anything, and many of us have web-connected Bluetooth speakers in our homes. The times have changed dramatically in the past few years – and we’re becoming a little more careless about where we leave our information.

One place where you might be asked to input your personal data is a games console. The consoles of the 1990s had no interest in knowing who you are or where you live, but now online gaming is just as much a big deal as offline gaming, you struggle to even enter a multiplayer game through your console without telling the manufacturer of either the console or the game your life story. We part with the information because we want to play, but that habit might come back to bite you – and Nintendo Switch users might be about to find that out in the worst way possible.

This particular point in gaming history is a bad one for any company to suffer from negative press. There are so many options out there that customers can easily go elsewhere if they lose faith in the platform they’re using. It’s especially difficult for old-school console manufacturers like Nintendo, Sony, and Microsoft. The era of streaming games, using a method similar to the way online slots websites store hundreds of games in the same place, is well underway. Platforms like Google Stadia replicate the structure of online slots websites and use them to offer brand new video games to customers wherever they are, using any hardware they like. Just as the advent of online slots has taken a toll on old-fashioned casinos, new streaming platforms will begin to eat up the market share of traditional consoles. That makes any PR disaster currently costly.

For all the reasons we listed above, Nintendo will currently be wincing as it counts the cost of an enormous hacking attack that occurred last week. Word of the hack had begun to spread among players long before the company made an official statement on the matter, but the nature of what was happening quickly became apparent. Multiple Nintendo Switch Online users took to social media to report unusual login activity on their accounts, and purchases being made from their accounts that they hadn’t authorized. They posted pictures as evidence. Eventually, Nintendo admitted the truth. They have been targeted in a big way by a highly organized, highly skilled professional hacking outfit – and as many as 160,000 accounts might have been compromised.

While Nintendo has confirmed that the attack took place, so far they haven’t given the public any specifics of how it took place. All we know about it comes from a post on the company’s official Japanese website, which states that hackers had managed to access login information that had been dumped elsewhere on the internet. They haven’t commented on the matter of how the login details came to be stolen and then dumped in the first place, and so they may still be investigating that matter internally. We also haven’t been able to confirm how widely the information might have been shared before Nintendo identified the attack.

It’s thought that the only information that’s been accessed by hackers is Nintendo Network IDs, which consist of a customer’s username and password. This doesn’t automatically give a hacker the ability to access the Nintendo Store and make purchases using the stolen data, but many Nintendo Switch owners use the same login data for both the Network and the Store, leaving their accounts wide open to attack. It’s thought that older accounts are more vulnerable to being exploited, as some network IDs were automatically retained by the company to allow customers to access the store using old details.

Over the coming days and weeks, Nintendo will contact the holders of every account that’s known to have been compromised and let them know that their details have been stolen. They’ve also made it clear that any customers with concerns can contact them to ask questions, although they’ve cautioned users that due to the influx of queries, it might take them longer than usual to respond. While the access of every known hacked account has been suspended, and people have been asked to choose new login details to regain access to their online services, it’s advisable for all Nintendo Switch users to change their passwords at the earliest possible opportunity as a safeguard. It would also make sense to switch on ‘two-factor’ authorization, thereby making it impossible for unwanted parties to gain access to an account or make purchases even if they do have the correct username and password.

In the short term, it will be impossible to log into any Nintendo Account over the internet using the NNID system, and as the system is antiquated, this may be a permanent change. There are numerous other ways to gain access to the online services offered via the Nintendo Switch, and so users are asked to start using those other methods as soon as possible. Network’s online systems are known for being difficult to navigate, and so if you have queries over how to gain access or which account details to use, you should contact Nintendo as quickly as possible and wait for a response. The company insists that the network is currently safe to use so long as people use sensible precautions when choosing passwords and protecting their accounts.

So long as the internet exists, there will always be hackers, and so long as thousands of pieces of highly desirable information – like email addresses, passwords, and purchase details – are held online somewhere, there will always be people trying to access them. Nintendo isn’t the first company to be targeted this way, and nor will they be the last. Even if you’re not a Nintendo Switch user, this news should be a timely reminder to find out where your data is, and strengthen your security settings on accounts you haven’t used for a while.

back to news headlines