Skip to main content

Nintendo’s NNID hack was almost twice as big as first reported

Nintendo’s NNID hack was almost twice as big as first reported


140,000 additional accounts were affected

Share this story

Photo by James Bareham / The Verge

Nintendo said 300,000 Nintendo Network ID (NNID) accounts were broken into as part of a hacking attempt in April, which is nearly twice as many as initially stated. Nintendo previously said that 160,000 accounts were broken into.

NNIDs were used for the 3DS and Wii U and allowed users of either system to download content and link their systems to a shared wallet. A new account system was used for the Nintendo Switch, but 3DS and Wii U owners could link their accounts.

Nintendo eliminated the option to log in via NNID

Hackers could have spent money at the My Nintendo store or the Nintendo eShop using virtual funds or money from a linked PayPal account. Additional information such as a user’s nickname, date of birth, and email address may have also been visible. 

Nintendo says that accounts may have been broken into if users had the same password on both their NNID and Nintendo account.

In response to the breach, Nintendo eliminated the option for Switch owners to log into their Nintendo account via NNID. The 300,000 accounts that were impacted by the hacking attempts will receive password resets via email from the company; additionally, Nintendo is encouraging all Switch owners to enable two-step verification to secure their accounts.