Nintendo announced that 160,000 accounts have been affected by hacking attempts, forcing the company to disable the ability to log into a Nintendo Account through a Nintendo Network ID (NNID).

In addition, passwords will be reset for NNIDs and Nintendo accounts that may have been illegally accessed.

Nintendo says login IDs and passwords “obtained illegally by some means other than our service,” have been used since the beginning of April to gain access to the accounts.

Nicknames, date of birth, country, and email addresses may have been accessed during the breach, and some accounts have experience fraudulent purchases. Nintendo is recommending that all users enable two-factor authentication.

Affected users will be notified via email, and the company is warning that if you’ve used the same password for an NNID and Nintendo account then “your balance and registered credit card / PayPal may be illegally used at My Nintendo Store or Nintendo eShop.”