Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Nintendo Security

Nintendo Now Says 300,000 Accounts Breached by Hackers 12

Posted by msmash from the more-you-know dept.
Nintendo has almost doubled the number of user accounts compromised by hackers in the past few months. From a report: The Japanese gaming giant originally said that 160,000 Nintendo accounts were compromised, exposing personal information like the account owner's name, email address, date-of-birth and their country of residence. In an updated statement, the company said another 140,000 Nintendo accounts had been compromised. Nintendo said the number increased as a result of its continuing investigation. The company said it reset those passwords and contacted customers. The statement reiterated that fewer than 1% of all accounts were impacted by the breach. News of account compromises came as early as March when users complained that their accounts were charged for digital items without their permission. Nintendo said in a tweet in April that users should enable two-factor authentication on their accounts but without saying why.
This discussion has been archived. No new comments can be posted.

Nintendo Now Says 300,000 Accounts Breached by Hackers More

Nintendo Now Says 300,000 Accounts Breached by Hackers

Comments Filter:
  • Another reason not to buy a Switch. Not that anyone can find and afford one.

  • Nobody cares (Score:3)

    by AndyKron ( 937105 ) on Tuesday June 09, 2020 @04:44PM (#60165922)
    How much will Nintendo pay in fines for this?

    • How much will Nintendo pay in fines for this?

      $5 per person in switch credit?

      Which doesn't really cost them anything, but they can write it off.

    • Re: (Score:2)

      by AmiMoJo ( 196126 )

      Maybe we need to think of a better way to make a it because these leaks keep happening and no amount of fines will stop it.

      Seems like we need a new system that allows companies to have an identity and billing details but which is unique and doesn't contain any PII. Like a virtual credit card but for identities.

      It's a bit tricky because there needs to be a way for people to manage their virtual identities so they can do stuff like account recovery.

  • Are the breaches still happening as they're being used, or was this a large one-time breach that happened some time ago that is only now seeing tentative use?

  • ... and more: "How the hell are you so bad at basic security, Nintendo?".

    I mean if your fake-2FA (actually 2x1FA) prevents this, why exactly can it be disabled?
    Why don't you block bad passwords, if they are easy to guess?
    Are your admins sleeping?

    I mean it is not like you got the Mossad sneaking USB drives or chips with dopant-level hardware backdoors into your HQ to get those passwords, now is it? ;)

    • A secure password is the responsibility of the user. What I put into the password field before it is salted, hashed, and so on is nobody's business but my own.

      • Is that not all companies store passwords as salted hashes. Hopefully a company like Nintendo has people that would salt and hash but I've seen at least a couple of "geniuses" who rolled their own password system who didn't do that.
        • Like apple during the fappening, Nintendo has a service that didnâ(TM)t rate limit login attempts, so you the hackers seem to have just spammed them common password tables for random scribe accounts.

Slashdot Top Deals

Counting in octal is just like counting in decimal--if you don't use your thumbs. -- Tom Lehrer

Close