160,000 Nintendo accounts were compromised—including one of ours [Updated]
Enlarge / It's-a me, your Nintendo account's hijacker! (credit: Aurich Lawson / Nintendo)
Throughout the month of April, and particularly this weekend, users of online Nintendo accounts on devices like the Switch have reported receiving email notices that their accounts have been accessed by outside parties. Our ability to verify these claims was bolstered by an unfortunate intrusion on Monday: the hijacking of an Ars Technica staffer's account.
Roughly one hour before this article's publication, Reviews Editor Ron Amadeo received a plain-text email notice from Nintendo, titled simply, "[Nintendo Account] New Sign-In." The notice included the following sign-in details: a 5:25pm ET timestamp; the sign-in taking place via the Firefox browser (which Amadeo says "is not even installed" on any devices he used today), and a location estimate of "United States," which the email says is "estimated based on the IP address used." IP addresses generally pin users down to the county level when traced in the United States, and they are often as specific as individual cities or states.
The email caught Amadeo's attention in part because all of his Nintendo devices are, in his words, "collecting dust." Our cursory research for other affected users brought up threads on Reddit, Twitter, and ResetERA. One Twitter thread included a questionnaire with questions about possible account variables: whether users had logged in to the service via a website (which Amadeo had not), whether users had tied their Epic Games or Fortnite credentials to the service (Amadeo had not), and other questions. He did answer "yes" to one question, which over 90 percent of respondents had, as well: use of the Nintendo Network ID service. (Amadeo had used this for Nintendo's previous home console, the Wii U.)
Read 12 remaining paragraphs | Comments