Brute-force attack on Club Nintendo website results in 24,000 compromised accounts

Shawn Knight

Posts: 12,999   +130
Staff member
Nintendo recently revealed that nearly 24,000 Club Nintendo accounts have been hacked following what was close to a month-long brute-force attack. We are being told that members’ full names, home address, phone numbers and e-mail addresses were compromised during the...

[newwindow="https://www.techspot.com/news/53159-brute-force-attack-on-club-nintendo-website-results-in-24000-compromised-accounts.html"]Read more[/newwindow]
 

Darth Shiv

Posts: 2,141   +741
This is exactly why you use account lockout policies such as 3 login attempts per 10 min or hour etc. And maybe actually monitoring/taking metrics of failures.

Is there some reputable best practices guide for setting up web portal login security procedures? If there is, it needs to be more visible. Some sort of template to implement a webpage security and implementing storage of personal details.
 

Skidmarksdeluxe

Posts: 8,645   +3,288
I like the way companies always try downplay the severity of these attacks by saying c/c info wasn't compromised only to find out a few days later that you're a couple of grand in the red and you can't hold that company responsible. I'll never ever use my c/c online, in fact I never buy anything online. Call me old fashioned but that's the way I operate.
 
G

Guest

I never buy anything online. Call me old fashioned but that's the way I operate

You wont have much reason to anymore if the online tax bill passes.