The Nintendo Switch is the hottest piece of tech on the market right now, but security concerns have arisen after gamers reported receiving email notices that a third-party had gained access to their account.
The notice includes the heading "[Nintendo Account] New Sign-In" along with the browser, location (the United States, for example) and time when the login occurred. These details come from an Ars Technica report, which describes what happened when one of its staff members fell victim to the console attacks.
- Best Nintendo Switch deals in April 2020
- Best PC games 2020: PC games we're playing now
- Nintendo Switch DS? Dual screen model possibly revealed
The vulnerability appears to be widespread, as forum posts have surfaced on various sites, including Reddit and Twitter.
"I suspect Nintendo may have had a major security breach, Twitter user pixelpar wrote. "My account was accessed numerous times overnight. My password is a unique string and my PC is definitely clean (not that I ever login via it). Lots of similar reports on Reddit/twitter."
Another user, TerranSherwood, wrote, "my Nintendo Account was hacked this morning and they made off with $100 for Fortnite crap."
One Twitter user, attempting to get to the bottom of the hijackings, sent out a survey to see if they could find a common thread among Switch owners whose accounts were compromised. It could be a coincidence, but the large majority of people who completed the survey use Nintendo's Network ID service, or a unique identifier (6 to 16 characters) that gives you access to Nintendo Network services.
Nintendo hasn't disclosed what's causing the breaches or how many Switch owners are at risk. We also don't know what sort of information the intruders have access to. It could be as innocent as a user name or as damaging as credit card info. Interestingly, Nintendo recently ran a social media campaign urging users to enable two-factor authentication to protect their accounts.
How to protect your Nintendo Switch account
Enabling two-factor authentication is indeed what you should do to protect your Nintendo Switch account. In fact, we strongly encourage all Switch owners to add 2FA as soon as possible.
Nintendo has a page outlining the steps needed to enable two-factor authentication. They are as follows:
- Go to the Nintendo Account website and sign in to your Nintendo Account.
- Select Sign-in and security settings, scroll down to 2-Step Verification then choose Edit.
- Click 2-Step Verification settings.
- Click Send email and an email will be sent to the address you have on file.
- Enter the code shown in the email and press submit.
- Download the Google Authenticator app from your iOS or Android phone.
- Scan the QR code shown on your Nintendo account.
- Enter the 6-digit verification code into the field and press Submit.
- Copy all the backup codes from the next page and keep them somewhere safe and secure.
- Finally, choose I have saved the backup codes.