140,000 additional Nintendo accounts may have been accessed illegally, says Nintendo

Nintendo Switch with Neon Red and Blue controllers displaying a fish from Animal Crossing Source: Rebecca Spear / iMore

What you need to know

In April 2020 Nintendo confirmed that 160,000 user accounts with a NNID might have been authorised illegally.
Since then, Nintendo launched an investigation into the matter.
Today, Nintendo released a statement that roughly 140,000 additional accounts might have been accessed maliciously.
Nintendo strongly encourages everyone to set up two-factor authentication on their Nintendo account.

Back in April, we learned from Nintendo that around 160,000 user accounts had been accessed illegally by someone impersonating the Nintendo Network ID (NNID). The NNID was in place to allow players to purchase games online or interact with online multiplayers for older systems like the Wii U and the Nintendo 3DS. After the breach, Nintendo launched an investigation to learn more about what had taken place.

Today, Nintendo released a statement that revealed that way more accounts were likely accessed illegally. "[T]here were approximately 140,000 additional NNIDs that may have been accessed maliciously." It's important to note that this is on top of the initial 160,000 breached accounts reported on in April. Nintendo warns that if you had PayPal or credit cards linked to your NNID account that the hackers might have used them to make purchases. It's possible that the hackers accessed these account in order to make in-game purchases like Fortnite VBucks.

As a result of the initial discovery of the breach, Nintendo has "abolished the function of logging in to a Nintendo account via NNID." The accounts affected will receive an email from Nintendo asking them to change their password. The Japanese video game company further urges people to set up two-factor authentication for their Nintendo accounts to add an extra measure of security.