Slashdot Mirror

← Back to Stories (view on slashdot.org)

24,000 Nintendo Site Accounts Compromised

Posted by samzenpus on from the protect-ya-neck dept.

hypnosec writes "Nintendo has revealed that it has detected illicit logins in nearly 24,000 accounts on one of the main fan sites in Japan 'Club Nintendo' and account details such as real names, addresses, emails and phone numbers may have been accessed. According to Nintendo the mass login attempts have been made using a list of login credentials containing usernames and password obtained from some service other than Nintendo. The company revealed that it detected over 15 million login attempts out of which 23,926 were successful."

5 of 36 comments (clear)

  1. 24,000 Accounts? by CanHasDIY · · Score: 3, Funny

    So... all of them, then?

    Zing.

    --
    An enigma, wrapped in a riddle, shrouded in bacon and cheese
  2. Just guessing? by jandrese · · Score: 4, Insightful

    24,000 successful logins from 15 million attempts sounds like a brute force attack. I wouldn't be surprised at all if all of those compromised accounts had horrible easy to guess passwords.

    --

    I read the internet for the articles.
    1. Re:Just guessing? by Mashdar · · Score: 4, Insightful

      GP meant that they tried several easy passwords on many more than 24,000 accounts. 24,000 / 15,000,000 = .16% success rate... This might be the fraction of accounts using 12345 as a password.

    2. Re:Just guessing? by tlhIngan · · Score: 2

      I have lots of easy to guess passwords if they allow 15 million attempts on an account.

      More like they tried 15M attempts at logging in with various username-password combinations, of which 24,000 of them were successful.

      Though, given how little information Nintendo asks, one wonders what the whole point is - I don't think Nintendo even asks for an address until they absolutely need it, so if it was an account created but not really used, there's no information at all. Maybe a few coins, but you can't take them from one account and consolidate them to another...

      Of course, Nintendo's entire online thing is a bit iffy to begin with - there's at least three different logins for three different systems, none of which are combined - you have a support account, a Nintendo Network account (Wii U) and a Club Nintendo account.

      I suppose a lot of the separation is because well, all the child privacy and protection laws really make it hard to even get something like an email address...

    3. Re:Just guessing? by jkflying · · Score: 2

      Standard english grammar has 1.1 bits of information per character (at least in larger text bodies).

      --
      Help I am stuck in a signature factory!