450 Nintendo Network Accounts Have Had Their Passwords Leaked

Greymane · Jan 23, 2017

If you are not on the list, lets do a merry jig.
If you are on the list, run and change your password.

Sonic Angel Knight · Jan 23, 2017

Really? Just 450? I'm not impressed, now if it was maybe 450 that got hijacked and banned on mii verse for some Adult imagry or just breaking rules and spam on miiverse, I might be a bit more impressed. I might even be impressed if it was just 200 and the same thing happened. But 450? ODDLY SPECIFIC EVEN NUMBER.

Consipricy theroy instinct kicking in 5....4... 3...2 .. 1. O_O

Now i may be a bit worried if it was a more random number like 437 of 246 or even over 500 But That is oddly specific, as if only that many was planned. I checked and none of them had mine, so i'm good. I don't share my passwords and i don't keep the same password for long.

migles · Jan 23, 2017

tech3475 said:
Forgot about 2FA (although even that can be hacked like with boogie2988), but the reason why I say to use a password manager is to avoid repeating passwords, otherwise there wouldnt be much point and I doubt people would use unique password otherwise unless you have only a handful of accounts.

I use a passwords level system.
Anything that I put a credit card on it has a level 5 password, email has another level 5 password
And stuff like forum websites I register like that 3ds iso site has a level 1 password, meaning a shitty one that can be easily remembered and brute force, if people steal this password, they only see shity posts asking for ROMS and not so secret stuff like dynamic ip address and email registered..

Patxinco · Jan 23, 2017

My name is not there, but even if the list were bigger, and was mine there, hope they enjoy my 0.02 € left from the Seasons/Ages pack...
Pro tip: don't left your credit cards in any website, even if you think they are safe, it may seem you waste time, but you're actually saving.

Saving your ASSES off!!!

tech3475 · Jan 23, 2017

migles said:
I use a passwords level system.
Anything that I put a credit card on it has a level 5 password, email has another level 5 password
And stuff like forum websites I register like that 3ds iso site has a level 1 password, meaning a shitty one that can be easily remembered and brute force, if people steal this password, they only see shity posts asking for ROMS and not so secret stuff like dynamic ip address and email registered..

I used to take the 'level' approach, but I found too many sites of the same level were being hacked (even higher up ones).

migles · Jan 23, 2017

tech3475 said:
I used to take the 'level' approach, but I found too many sites of the same level were being hacked (even higher up ones).

Yeah but for example, the 3sa iso site was hacked, I could care less about that password, I think it can access my old neopets account, the hundreds of forums I registered to download 1 file and abandoned the account wich I didn't even put my age or gender correctly (those that prevent signing up with temp mail sites or bug me not acounts)

However if one of those accounts like the eBay or Amazon get hacked, they have my address and cc on it, they both have the same data, harm is done,
If I use different passwords for those 2 the only thing that does is preventing the Amazon or eBay boss to login and check what I purchased at the other site..
Because both sites have the critical data like cc numbers, address, real name, real age etc..

tech3475 · Jan 23, 2017

migles said:
Yeah but for example, the 3sa iso site was hacked, I could care less about that password, I think it can access my old neopets account, the hundreds of forums I registered to download 1 file and abandoned the account wich I didn't even put my age or gender correctly (those that prevent signing up with temp mail sites or bug me not acounts)

However if one of those accounts like the eBay or Amazon get hacked, they have my address and cc on it, they both have the same data, harm is done,
If I use different passwords for those 2 the only thing that does is preventing the Amazon or eBay boss to login and check what I purchased at the other site..
Because both sites have the critical data like cc numbers, address, real name, real age etc..

Depends on the nature of the hack, for example, if they only manage to get my login information for 'site A' but if I shared my password with 'site B' and the former got hacked then the hackers could go on to make purchases from 'site B'.

BTW, this has happened before where e.g. ebay were hacked but the financial information was supposedly not accessed.

Starfighter-Suicune · Jan 23, 2017

fvig2001 said:
Someone on /r/3dshacks claimed that he brute forced known passwords and that's how he got the 440 names. Then his friend leaked what he found.

This would mean that every forums that has a NNID entry option would have an even bigger problem when getting hacked. And there are a lot...
Good that I don't put mine in there because there is no reason for that.

Kourin · Jan 23, 2017

Nice, neither of my accounts are on there. Not that I use them much.

Mikemk · Jan 23, 2017

migles said:
I use a passwords level system.
Anything that I put a credit card on it has a level 5 password, email has another level 5 password
And stuff like forum websites I register like that 3ds iso site has a level 1 password, meaning a shitty one that can be easily remembered and brute force, if people steal this password, they only see shity posts asking for ROMS and not so secret stuff like dynamic ip address and email registered..

I used to do that, now (as of about a week ago) I encrypt some secret data with info about the site and use the encrypted output as a password.

migles · Jan 23, 2017

Mikemk said:
I used to do that, now (as of about a week ago) I encrypt some secret data with info about the site and use the encrypted output as a password.

that's a really nice IDEA!
so, you use a password, mix it up with let's say, the site name, and the generated output will be that site password?

is it secure? they can't use the site name and the outputted password to generate the main passowrd?

Mikemk · Jan 23, 2017

migles said:
that's a really nice IDEA!
so, you use a password, mix it up with let's say, the site name, and the generated output will be that site password?

is it secure? they can't use the site name and the outputted password to generate the main passowrd?

It's secure as long P =/= NP. And of course the secret remains secret.

Arecaidian Fox · Jan 23, 2017

Name's not on there, so I can rest easy. Doesn't seem like it was on Ninty's end anyway. As far as password security goes, I tend to use random alphanumeric strings (with a few symbols thrown in) that I memorize. But I'm having to change them so much it's hard to keep up on all of them. Maybe I should just generate a few random unique files and use the SHA or MD5 hashes from them as passwords from now on =/ ...

GamerzHell9137 · Jan 23, 2017

Lets pay Nintendo for online! Huzzah!

dimmidice · Jan 23, 2017

450 people being lax with their security doesn't seem that newsworthy to me.

GamerzHell9137 said:
Lets pay Nintendo for online! Huzzah!

You didn't even read anything did you? Has nothing to do with nintendo. It's all on the users end.

EthanAddict · Jan 23, 2017

Oh shit, I think my brother's account is in the list, and his 2ds is broken + forgot the password!

GamerzHell9137 · Jan 23, 2017

dimmidice said:
450 people being lax with their security doesn't seem that newsworthy to me.

You didn't even read anything did you? Has nothing to do with nintendo. It's all on the users end.

Chill~ i'm joking lol

Saiyan Lusitano · Jan 23, 2017

My username's not there but gonna change the password anyway. It's been a while since I updated it.

BORTZ · Jan 23, 2017

I mean I am guessing most of those accounts belong to children who didn't come up with much in the way of a password anyways so...What do you expect.

Sketchy1 · Jan 23, 2017

Good thing i have no legit purchases and/or credit cards on these eshop accounts

Edit:
Lol mine wasn't there anyway

--------------------- MERGED ---------------------------

That moment you realize first that iso site as hacked and now Nintendo.

Security these days, SMH

Lurking gbatemp pony

Well-Known Member

All my gbatemp friends are now mods, except for me

Riding a Shooting Star

Well-Known Member

All my gbatemp friends are now mods, except for me

Well-Known Member

Active Member

Touhou Maniac

Well-Known Member

All my gbatemp friends are now mods, except for me

Well-Known Member

fox-ott

Well-Known Member

Well-Known Member

An investment to nothingness

Well-Known Member

Saiyan Lusitano

Guest

DO NOT SCREENSHOT

gbatemp's shadiest warez dealer

Similar threads

Popular threads in this forum