Over the past month, many online Nintendo Account holders have reported receiving messages alerting them to unauthorized account access, and the number of reports doesn't seem to be abating. As reported by Eurogamer, the issue is occurring in multiple countries and, in some cases, hackers are using hijacked account's saved PayPal details to purchase in-game currencies, such as Fortnite's VBucks. A reporter with Ars Technica who had fallen victim to the same unauthorized account access noted that the only common variable they shared with other victims was the use of the Nintendo Network ID service. This service enabled Wii U and Nintendo 3DS users to connect to a variety of online services, including purchasing products on the eShop. It's not yet certain that this is the source of the breach, however, so if you have a Nintendo Account it's better to be safe. It's also unclear whether or not this is related to a tweet sent out by Nintendo of America on April 10 encouraging users to "help secure [their] Nintendo Account by enabling 2-Step Verification" (also known as two-factor authentication, or 2FA).

I strongly urge anyone who has ever used an online Nintendo service to log into Nintendo's accounts portal in order to change their passwords, unlink payment credentials, and enable two-factor authentication (2FA). All of these steps can be conducted at the "security" sub-page, whose URL is https://accounts.nintendo.com/security. This also includes a convenient "sign-in history" page.