According to Nintendo the mass login attempts have been made using a list of login credentials containing usernames and password obtained from some service other than Nintendo. The company revealed that it detected over 15 million login attempts out of which 23,926 were successful.

Nintendo became aware of the login attempts after it detected a large number of access errors on the fan site. On further investigation Nintendo found that the attempts started on June 9 and the scattered instances of illicit logins became a problem on July 2. On Friday, the company issued a press release stating that it has suspended all the accounts which were accessed illicitly and sent out emails to users asking them to reset their passwords.

Club Nintendo has about 4 million users in Japan and it offers gamers points to users who register their Nintendo products. These points are also dubbed ‘coins’ in some countries and users can win more such points / coins after answering user surveys. These points can be saved up and exchanged for promotional goods but, according to the company no unauthorized usage of points following the illicit login attempts. The site doesn’t handle any financial information whatsoever.