Nintendo has told Eurogamer it is now actively investigating a wave of reports from Switch owners stating their Nintendo Accounts have been accessed.
Yesterday, Eurogamer reported that a number of account owners had reported their Nintendo accounts accessed over the past couple of weeks. A Eurogamer staff member was among those recently affected.
Some account users reported their accounts had been used to buy digital items, such as bundles of Fortnite VBucks worth up to £100, via linked PayPal accounts.
Speaking to some of those affected last night, some of whom only realised their account had been accessed after reading our story, I heard a mixed pattern of people using unique passwords and those who had used the same password as elsewhere.
It begged the question - had Nintendo become the latest target of a simple credential stuffing scheme, using details gleaned from other hacked sources? Or had Nintendo account holders' details somehow been accessed within Nintendo's system itself?
Today, Nintendo has responded to those reports, and highlighted what you should do if you affected.
"We are aware of reports of unauthorised access to some Nintendo Accounts and we are investigating the situation," a Nintendo spokesperson told Eurogamer today in response.
"In the meantime, we recommend that users enable two-step verification for their Nintendo Account as instructed here: https://www.nintendo.co.uk/Support/Nintendo-Switch/How-to-Set-Up-2-Step-Verification-for-a-Nintendo-Account-1466677.html.
"If any users become aware of unauthorised activity, we encourage them to take the steps outlined at https://www.nintendo.co.uk/Support/Nintendo-Account/Nintendo-Account-Recovery-Process-1658054.html or visit https://support.nintendo.com for general support."
If you haven't activated additional verification for your account already, it takes less than two minutes to complete.