It might be time to update your passwords for Nintendo's online service, as nearly 450 accounts have been hacked, and their passwords leaked. You can view the Pastebin full of usernames linked below to check and see if your account was compromised. Even if you're not listed, it still might be a wise idea to change your password, just to be on the safe side.

SOURCE

 

[Ev1l0rd]

Oof. None of my accounts are on that pastebin, thank goodness. Would probably have a major freakout if it were.

 

[SpongeFreak52]

Where did this information originate from?

EDIT: Appears to have stemmed from a specific Miiverse community. See here:
https://www.reddit.com/r/nintendo/c...sswords_were_taken_from_miiverse_and/dcs574y/

 

[Chary]

Where did this information originate from?

Have I been pwned, a site that can check massive data breaches.

 

[Mikemk]

I'd change my password, but for some reason none of Nintendo's websites have DNS addresses right now.
This occuring for anyone else or just me?

 

[RustInPeace]

Has anyone been trying to change their passwords? I got it done in one console, but now I keep hitting a 022-5548 warning.

 

[RupeeClock]

It apparently wasn't a breach, just somebody posting a list of NNIDs they successfully compromised due to other sites or services that were compromised.
It's little more than an example of the importance of changing your passwords and not using them throughout the same sites.

 

[Fishaman P]

Sounds like these were phished from the users by other means.
I don't think Nintendo's servers were breached at all.

 

[Starfighter-Suicune]

The fact alone that he just had to bruteforce them doesn't make Nintendo safer than skype...
If you never posted your nnid on a page or posted in miiverse, you should be safe since he got the nicknames from somewhere.

 

[enarky]

Sounds like these were phished from the users by other means.
I don't think Nintendo's servers were breached at all.

Yepp. With only 450 accounts involved I wouldn't call this a "data breach". More likely the result of bad password management. Probably should change the wording of this post, sounds a bit hyperbolic.

 

[fvig2001]

Someone on /r/3dshacks claimed that he brute forced known passwords and that's how he got the 440 names. Then his friend leaked what he found.

 

[Apache Thunder]

450 accounts?.... That's it? I'd hardly consider that a breach given the scale of the service involved. There has to be millions of accounts on Nintendo's servers. You'd nearly have the same odds of winning a state lottery then finding out your on that list of hacked accounts....

 

[Soulsilve2010]

I wasn't hacked,got no eshop money to be stolen anyway.Still will change my password to protect my miiverse account.

 

[tech3475]

Again, Id advise people to use a password manager of some kind with a random password generator.

If these were brute forced, a good password gen will create a combo which will make it allot harder and each site having its own password reduces the chance of cross site hacking.

 

[Xiphiidae]

Again, Id advise people to use a password manager of some kind with a random password generator.

Even those are not guaranteed safe. What's most important is people using different passwords for different sites, and using 2FA whenever possible.

 

[Chary]

450 accounts?.... That's it? I'd hardly consider that a breach given the scale of the service involved. There has to be millions of accounts on Nintendo's servers. You'd nearly have the same odds of winning a state lottery then finding out your on that list of hacked accounts....

Yepp. With only 450 accounts involved I wouldn't call this a "data breach". More likely the result of bad password management. Probably should change the wording of this post, sounds a bit hyperbolic.

Sources I was looking at were claiming this as a data breach. I'll amend the title, but I certainly think this is still worth bringing attention to, seeing as there's been a lot of users getting screwed over lately because they use the same password with every site they sign up for.

 

[enarky]

Sources I was looking at were claiming this as a data breach. I'll amend the title, but I certainly think this is still worth bringing attention to, seeing as there's been a lot of users getting screwed over lately because they use the same password with every site they sign up for.

Word on Reddit is that this is coming from the Nugget Bridge leak a couple of weeks ago. People used the same passwords on Nintendo Network.

 

[tech3475]

Even those are not guaranteed safe. What's most important is people using different passwords for different sites, and using 2FA whenever possible.

Forgot about 2FA (although even that can be hacked like with boogie2988), but the reason why I say to use a password manager is to avoid repeating passwords, otherwise there wouldnt be much point and I doubt people would use unique password otherwise unless you have only a handful of accounts.

 

[Scarlet]

Word on Reddit is that this is coming from the Nugget Bridge leak a couple of weeks ago. People used the same passwords on Nintendo Network.

This is probably the case. I recognise a few of them and a LOT of them have VGC in the name. Either the leaker has a vendetta against Pokémon fans or it's just an extension of the whole Nugget Bridge fiasco. Or both.

 

[Bladexdsl]

yeah who cares i don't go online on the wiiu anymore and sold my 3ds

Spoiler: SPOILS!

names not there anyway.