Back in April, Nintendo announced that up to 160,000 Nintendo accounts have been accessed in a massive data breach that exploited accounts with no two-factor authentication enabled but today, the company has confirmed that the actual number of users affected is closer to 300,000 (via Business Insider).
Nintendo’s investigation found that the breach applies to those users who connected their old Nintendo 3DS and Wii U “Nintendo Network ID,” or NNID, to the Switch. This is why Nintendo is no longer allowing NNID logins on the Switch.
In addition to sending an email to the account associated with your Nintendo Account, Nintendo is alerting affected users by forcing a password reset as well. The company is also urging users to set up two-factor authentication on their Nintendo Accounts.
“While we continue to investigate, we would like to reassure users that there is currently no evidence pointing toward a breach of Nintendo’s databases, servers or services. As one action in our ongoing investigation, we are discontinuing the ability to use a Nintendo Network ID to sign in to a Nintendo Account. All other options to sign in to a Nintendo Account remain available.”
More information is available on Nintendo’s website.