The accounts that were hacked were accounts using a one-step verification allowing users to sign in using only their Nintendo Network ID. The hacking attempts were reported to have started in early April, according to a Nintendo press statement. Those who were affected by the hacks directly are to receive an email notification from Nintendo, alerting them to the breaches.
"Recently it has come to our attention that login IDs and passwords have been obtained illegally by sources outside our service, to impersonate users to access Nintendo Network IDs since the beginning of April," Nintendo stated in their official release. "We can confirm these actions have occurred. We can also confirm that was illegal access to such accounts through the Nintendo Network ID system."
Nintendo added that in some cases the unsanctioned logins were used to purchase digital products from Nintendo's online store.
In response to the matter, Nintendo has done away with the option for using the one-step Nintendo Network ID verification process. The gaming company will also institute mandatory password updates for all users currently employing this type of login.
Nintendo is now advising its two-step verification process to be utilized by all Nintendo users.
"Due to this, as of today, users cannot log into their Nintendo account via Nintendo Network ID. Furthermore, all passwords will be reset for Nintendo Network IDs and all other Nintendo accounts that may have been illegally accessed." the Nintendo statement.