Japanese gaming giant Nintendo has admitted that hackers have breached 300,000 accounts since early April, gaining access to personal information such as birthdays and email addresses but not credit-card details.
An initial hack in April compromised 160,000 accounts and a further 140,000 breaches have been discovered since then, the Kyoto-based firm said in a statement released late Tuesday.
"We deeply apologise for causing trouble and worries to customers," Nintendo said in its statement, pledging to "enhance security… to prevent this happening again."
Hackers broke into Nintendo Network IDs, intended for services on the Wii U and Nintendo 3DS, and then migrated to Nintendo Accounts, which can be used for purchases at the company's official online store.
Fraudulent purchases from hacked Nintendo Accounts represented only a fraction of total sales, the company said, and it vowed to reimburse victims if it had not already done so.
Nintendo has been enjoying a strong showing from its popular Switch console and blockbuster games including "Animal Crossing", with demand fuelled by players stuck at home because of the coronavirus pandemic.