Nintendo disclosed on Tuesday that 300,000 accounts have been compromised by hackers since the beginning of April.
In a statement on its website, originally written in Japanese, the company said a higher number of malicious attackers used users’ Nintendo Network IDs without their permission than previously believed.
In April, the company said 160,000 accounts were breached. On Tuesday, the company said it found, after continuing its investigation, that the figure is actually around 300,000. However, Nintendo said only a small number of hacked accounts were used to make purchases or to buy items on Nintendo's platform.
Nintendo says credit card information wasn’t exposed, but multiple reports said hackers gained access to “PayPal funds linked to the Nintendo eShop and used them to purchase game currencies like Fortnite’s ‘V-bucks’ and, in some cases, hundreds of dollars worth of games,” the Deseret News reported in April.
Emailing affected users
Nintendo said it is almost done issuing refunds to customers whose accounts were used to make fraudulent purchases.
Affected users will receive an email from the company urging them to update their passwords. Users can also set up two-factor authentication for additional security. People who previously used a Nintendo Network ID to log in are now urged to use their Nintendo account email address instead.
When Nintendo first announced the breach, it promised to “make further efforts to strengthen security and ensure safety so that similar events do not occur.”