Nintendo Switch owners need to lock down their accounts after a series of fraudulent attacks has been uncovered. It is advisable to change your password and also use two step confirmation.
The hacks involve a user logging into a person’s Nintendo account – and often using a linked PayPal account to make expensive purchases.
Several reports say the attacks have intensified in recent weeks, with staff at popular technology and gaming sites among those affected. One staff member at rival gaming site Eurogamer had their account accessed, the website reported, as did another at Ars Technica.
One source of possible fraud goes back to the Nintendo Network ID (NNID) service which was associated with the Wii console. It may be that stolen accounts and the bad practice of using the same password all over results in easy pickings. Linked accounts are a growing way for hackers to gain access to PayPal etc.
Out of an abundance of caution, users should also unlink their account from the NNID and change, or at least reset, the NNID password. Ideally both changing the password and unlinking it makes the situation much more secure.
Steps you should take to ensure your Nintendo accounts and information are secure:
- Review your sign-in history. You can check your recent sign-ins by visiting https://accounts.nintendo.com/login_history.
- Change your password. You can do so through the above link. If you used the same password on other sites, it is recommended that you change those as well.
- Sign out from all devices. From the same link as above you can force all devices to sign out. This should be done after changing your password. If someone has access to your account’s credentials, signing them out won’t do much as they will be able to sign back in until it’s changed.
- Enable two-factor authentication (2FA). This can be done by going to https://accounts.nintendo.com/security. This adds an additional layer of protection to your account. More information on setting up 2FA can be found at https://en-americas-support.nintendo.com/app/answers/detail/a_id/27496.
- Review any linked payment methods. Check for fraudulent purchases or other activity that you did not make.
Some users have been reporting that if you become a victim of fraud, that you should contact Nintendo first before you contact your bank/credit card because Nintendo will not investigate the charge if it is disputed or marked as fraud beforehand.
Looking into the security, it looks like Nintendo’s 2 factor authentication is all based on the Google Authenticator app.