Thousands of Nintendo accounts have been compromised in a spate of attacks on the company’s main fan site over the last month, prompting us to repeat warnings about safe use of passwords.
The Japanese games publisher has said in a press release that hackers have gained access to nearly 24,000 accounts containing users' names, addresses, phone numbers and email information.
Since June 9, the "Club Nintendo" site has been the victim of mass log-in attempts, with hackers using a third-party list of user names and passwords to attempt to find matches. Because many people use the same user name and password combination across many or all of the services they use, there is a reasonable chance that hackers finding a password matching a user name for one login will be able to use it across multiple websites.
Nearly 15.5 million logins were attempted, said Nintendo, of which 23,926 were successful. The company first became aware of the unauthorised access last week after an unusually large number of unknown login errors on the site.
The compromised accounts were suspended and their owners sent emails asking them to reset their passwords.
Club Nintendo does not handle financial details, so no payment card details have been compromised.