On April 24, Nintendo released a statement that up to 160,000 Nintendo Network IDs were accessed maliciously, resulting in the possible exposure of some users’ personal data, including nicknames, date of birth, country, and email addresses. This caused Nintendo to deactivate Nintendo Network ID logins to help stop additional breaches, but now the company is reporting the problem may have affected more accounts than previously thought.
According to an update on the Japanese Nintendo support page, an additional 140,000 accounts may have been affected, bringing the total to approximately 300,000 total accounts. While that number seems staggering (and is nearly double the original estimate), Nintendo assures panicking players that this is less than 1 percent of all Nintendo Network IDs. Still, as a precaution, Nintendo has reset all the passwords of the accounts it found to be affected, and is most of the way through with refunding any fraudulent purchases that may have resulted from this breach.
Nintendo says that setting up two-factor authentication on your Nintendo account is a good way to prevent future breaches like this from hitting your account.