Japanese gaming giant Nintendo has admitted that hackers breached nearly 3 lakh accounts since early April, which is near twice as many as initially stated. An initial hack in April compromised 1.6 lakh accounts and a further 1.4 lakh breaches have been discovered since then globally.
According to The Verge, hackers broke into Nintendo Network IDs, intended for services on the Wii U and Nintendo 3DS, and then migrated to Nintendo Accounts. Hackers gained access to personal information such as birthdays and email addresses but not credit card details.
According to the report, accounts may have been broken into if users had the same password on both their NNID and Nintendo account. Hackers could have spent money at the My Nintendo store or the Nintendo eShop using virtual funds or money from a linked PayPal account.
"We sincerely apologise to our customers and related parties for any inconvenience and concern. In the future, we will make further efforts to strengthen security and ensure safety so that similar events do not occur," said Nintendo in an earlier announcement.
Meanwhile, the company is emailing affected users, urging them to change their passwords and anyone who previously used a Nintendo Network ID to log in should now use their Nintendo account email address instead. The company is also asking people to set up two-factor authentication.