It appears as though hackers are really hitting the gaming community with attacks lately… What is the deal?
Nintendo
Welcome back and happy Friday, everyone! This week, CPG publishes the 10th installment of the cyber attack of the week series. I can’t believe we are at the 10th article already!
Alright, now let’s get down to business. This week, CPG is taking a look at another breach in regards to the gaming community. A few articles and weeks back, CPG examined the breach of gaming manufacturer, SFU Gaming.
And now this week, we are diving into Nintendo’s recent data breach. What is going on in the gaming community?!
The Breach
To begin, this week, Nintendo confirmed a recent attack and breach that led to the 160,000 accounts being put at risk.
The company released a statement about the attack and claims that attackers were able to gain entry due to abuse of a legacy login system. The NNID or Nintendo Network ID is the login system in question. (See image below)
Further, months back, users began reporting suspicious activity on their accounts. They would report purchases made without their consent or approval or activity on their card attached to the account.
So all in all, the vulnerable NNID became the vessel for attackers to gain access to Nintendo accounts and further access the account’s payment information. Then with said access to payment, make in game purchases that the account owner did not approve.
Continuing, payment information is not the only accessible data on these accounts. Users also enter personal information like DOB and countries of origin. All information that hackers use to their advantage.
The Response
Nintendo released several comments via Twitter about the breach:
In response to recent incidents related to some Nintendo Accounts, it is no longer possible to sign into a Nintendo Account using a Nintendo Network ID. We apologise for any inconvenience caused. Please visit our Support website for more information: https://t.co/GMrXr5OHW0
— Nintendo UK (@NintendoUK) April 24, 2020
The company recommends that affected users reset their passwords and check on their accounts. Overall, it probably wouldn’t hurt to review the accounts linked to the Nintendo account as well. This could include, email or banking/credit card platform linked to the account.
Once again, hackers prove that attacking the gaming community is a lucrative business for such a crowd. Not only does this attack prove that, but also brings up the point once again for companies to implement stronger cyber security policy and procedure.
By Taylor Ritchey