Nintendo Accounts being hacked for...Fortnite currency?

For the last month, quite a bit of users has been reporting their accounts being hacked. Stating that some have lost money to the hundreds. On Fortnite currency, it seems the hackers or hacker enjoys some Fortnite skins.

Security concept Lock on digital screen, illustration

The victims of these hacks have been getting email alerts that unauthorized users been accessing their accounts and spending their money. These hacks started sometime in March but started rapidly increasing.

Currently, no one knows how these accounts are being hacked.

Users admit to using unique and complex passwords. The attackers are using something more than just credential stuffing, password spraying, or brute-force attacks. It may be a breach of passwords leaked from a server. Probably being sold on a dark-net forum.

Nintendo has released how many were hacked about a sum of 160,000 accounts.

Nintendo Official Report


Some accounts had hackers buy other Nintendo games, but most of the victims said the hackers bought Fortnite currency through a third-party service like PayPal that's linked to the account.

"Even my PayPal support guy got hit with a hacked Nintendo account," A user on Twitter tweeted.

ZDNet has identified recent ads put up. A group of hackers is selling Fortnite currency acquired from Nintendo Switch accounts.

Other Nintendo gamers who think or fear for their account should check your recent sign-in history.

  • Change your password. Especially if you use the same password for another account.
  • There is a lovely feature called force sign-out. Any device that may have your account signed in will be logged out. Doing this after a password change will help out a bunch.
  • Always check your bank account payment history. I do it regularly as someone stole my payment credentials once and luckily my bank knew I don't spend $500 in New Jersey.
  • This is the most important part, enabling 2FA (two-factor authentication). Another step to protect your account. It will make it where a trusted device like a phone will have to be used to verify a login attempt. Usually by sending a one time code to a phone number or email.

Enabling 2FA to me is the best thing for myself to protect my accounts. Even if they got my passwords they don't have my verified & trusted device or account to verify the login attempt.

It seems users who were hacked are getting refunds from their payments. Personally I find it odd spending money on Fortnite currency, other games but really Fortnite V-bucks? Weird.

Posted on Apr 25, 2020 8:20:00 AM by Marcos Xochihua in hacks, in Cyber Security

Marcos Xochihua

Written by Marcos Xochihua

Marcos Xochihua is a Network Security major and Student Ambassador at University of Advancing Technology (UAT)


Email me when there is a new post.

I'd like more information about UAT

Lists by Topic

see all

Recent Posts

Posts by Topic

see all

Posts by Author

see all