Earlier in April a news broke out claiming to be a case of a massive breach of Nintendo resulting to at least 160,000 compromised accounts. A follow-up report now claims that the overall might be close to twice as big at 300,000.
Specifically, the affected includes those individuals who tied their Nintendo 3DS, Wii U, and Switch accounts in a single “Nintendo Network ID” or NNID. A problem which Nintendo circumvented by introducing a new system called “Nintendo Account” which also enables pre-existing users to connect their NNID with.
Consequently, the Nintendo Network ID no longer works as a valid credential for users to log into their account on the Switch.
One way of telling if a user is a victim of the breach is if they receive a peculiar email notifying them of an “illicit” login into their account.
However, even before the user will receive the email, Nintendo will send a preliminary “password reset” notification.
In light of the situation, Nintendo therefore urges everyone with a Nintendo account and Nintendo Network ID to do a password change as well as enable 2-factor authentication to ensure the security of their individual profiles.