After a recent uptick in Nintendo account breaches, Nintendo is launching a formal investigation into what could possibly be a large-scale security breach, Polygon reports.

Many people are using Nintendo Switch consoles while staying at home during the COVID-19 pandemic. Hackers are accessing accounts and stealing PayPal funds linked to the Nintendo eShop and using them to purchase game currencies like Fortnite’s “V-bucks” and, in some cases, hundreds of dollars worth of games, BBC reports.

Multiple gaming reporters from Polygon, Ars Technica and other outlets report that their accounts have been hacked, including this Loot Pots editor, whose tweet about the breach has garnered more than 2,000 likes.

The editor is launching his own investigation, encouraging those who have had their data compromised to complete the following survey to help narrow down what is making the accounts vulnerable.

To check if an account has been compromised, Nintendo Switch users can see a recent sign-in history under the “Sign in and Security Settings” tab, Forbes reports. If an unknown location appears on the list, it is possible the Nintendo account has been hacked. Users should then follow Nintendo’s Account Recovery Process.

View Comments

Nintendo is recommending that all Nintendo account users set up 2-step verification to prevent unauthorized purchases. Here’s how:

  1. Sign in to your Nintendo Account at
  2. Select “Sign-in and security settings” and scroll down and click on “two-step-verification.”
  3. Click “Enable two-step verification.”
  4. Select the “Submit” button once you are done. This will send you an email with a verification code. Return to the page with the code and enter it, and then click “submit” again.
  5. Install the free Google Authenticator app on your smartphone.
  6. Scan the QR code on your Nintendo account into the Google Authenticator app.
  7. This will prompt a verification code to appear on your smartphone. Enter this code into the Nintendo account screen and hit “submit.”
  8. Backup codes will then appear. Copy these down onto a piece of paper or into a separate safe location on your smartphone or computer so you can use them if you are unable to sign-in through Google Authenticator.
  9. Verify you have written down the backup codes by hitting “backup codes saved” and then click “OK.”
Join the Conversation
Looking for comments?
Find comments in their new home! Click the buttons at the top or within the article to view them — or use the button below for quick access.