-
Ever wanted an RSS feed of all your favorite gaming news sites? Go check out our new Gaming Headlines feed! Read more about it here.
Nintendo confirms that ~160.000 accounts that use a Nintendo Network ID to login into their Nintendo Account were affected by recent hacking attempts
- Thread starter dex3108
- Start date
How as this an "attempt"? Sounds like a successful hack to me. I know it's about liability but companies shouldn't obfuscate.
You had to have an email address to create your account - use this.
Nintendo doesn't say "attempt" anywhere in their notice. That's Nibel's wording.
By logging in with your regular Nintendo account? lol
If you don't remember the password then choose the forgot password option. The legacy login was dumb anyways. "Hey, do you want to login with the Nintendo account or with the other older Nintendo account that's linked with your new Nintendo account" lol there's no reason for that option to even exist.
Anyways, people, enable 2FA on EVERYTHING and use unique passwords generated via Keepass or an equivalent for EVERY website.
Deleted member 44122
Guest
I don't think I used a legacy account for my Switch, maybe I did... anyway I added 2FA as soon as I saw the first murmuring of a hack, thought I already had it on but apparently not.
Any authenticator app will do. Nintendo will also give you backup codes.
OP
OP
Sony didn't give out a free game until they were sued for tens of millions of breached accounts.
You'll get 300 gold coins.
So there wasn't a breach after all.
People using same username and password combinations on other sites who's data is breached being used to log into NNID accounts.
Those who had funds spent were using same passwords for their regular Nintendo Accounts as Nintendo doesn't allow the use of saved payment info if entered on Nintendo account side when logged in through NNID
People using same username and password combinations on other sites who's data is breached being used to log into NNID accounts.
Those who had funds spent were using same passwords for their regular Nintendo Accounts as Nintendo doesn't allow the use of saved payment info if entered on Nintendo account side when logged in through NNID
Ahh so this is how my Nintendo account was being logged into from Russia a couple weeks ago. I had changed my password but got another email a few days late of the person doing it again, which would make sense if they're using the NNID logins. I was very concerned but this makes sense
Funny how NoE is saying
"While we continue to investigate, we would like to reassure users that there is currently no evidence pointing towards a breach of Nintendo's databases, servers or services."
while NCL is saying, that information was accessed
"While we continue to investigate, we would like to reassure users that there is currently no evidence pointing towards a breach of Nintendo's databases, servers or services."
while NCL is saying, that information was accessed
There's a huge issue here that you aren't able to change the password on an NNID without a Wii U or 3DS. Many people aren't using those systems any more or have sold them or have had them break in the last 3 years. So most NNIDs are going to have old passwords and are therefore very vulnerable.
Deleted member 44122
Guest
it was accessed as in viewed by just logging in on their website, not accessed as in through a database hack or whatever
I had my account compromised 5 days ago, and some people have said that their accounts were breached a few WEEKS ago.
Now don't the GDPR regulations say that an individual must be informed of a security or data breach within 72 hours? Have Nintendo not breached GDPR by only coming out with this now?
Now don't the GDPR regulations say that an individual must be informed of a security or data breach within 72 hours? Have Nintendo not breached GDPR by only coming out with this now?
Very lucky my account was okay but I've finally been able to add Two Step (wasn't aware they offered it until now) today as the verification emails weren't coming through for the past few days to me.
Don't think so; I believe they have a certain window to disclose it.
Don't think so; I believe they have a certain window to disclose it.
Word in the hacking community last week was that people were bruteforcing logins with NNID accounts using email+password combo found in other data breaches. This seems to confirm it.
There is no security breach here, just people having access to NNID login data from other sources. I may be wrong however.
That's because it's legally required. If they don't they get sued for lots of $$$.
But if you don't have access to these consoles, you have no reason to have the link. So you just delete the link and log in via your Nintendo account only.
Yep, like the other poster said, it is 72 hours to notify it once it is known by the company.
While NoE can say they are still investigating, they need to send asap a notification to the European data protection agency asap.
