MIAMI (CBSMiami/CNN) — Nintendo has revealed that a total of 300-thousand accounts have been hacked.
The video game company first discovered the breach in April.
Hackers had been using Nintendo Network IDs without permission.
Originally, Nintendo said only 160-thousand accounts were involved but it has revised the number after continuing its investigation.
In addition to logging in to potentially play other users’ games, the hackers were also able to see individuals’ date of birth, country or region and email addresses. They could also access payment services linked to these accounts, including PayPal accounts or credit cards to buy items on Nintendo’s platform.
Nintendo says only a small number of the hacked accounts were used to make fraudulent purchases and refunds to those customers are nearly complete.
A Nintendo Network ID is a unique username and password used mainly for older Nintendo 3DS and Wii U consoles. On the newer Nintendo Switch, users can simply create an account using an email address, although it was possible to link it to the Nintendo Network ID.
Nintendo encouraged customers to check their purchase history for any unauthorized transactions and then request a refund. Credit card information wasn’t exposed, according to the company.
The company is emailing affected users, urging them to change their passwords. Anyone who previously used a Nintendo Network ID to log in should now use their Nintendo account email address instead. For an extra layer of security, the company is also asking people to set up two-factor authentication, adding a second method of verification such as linking to another app that will generate a code for each login.
(©2020 CBS Broadcasting Inc. All Rights Reserved. Cable News Network, Inc., a Time Warner Company, contributed to this report.)