Nintendo fixes Wii U network after claims of accidental hack

Filed Under: Featured, Privacy, Social networks

Just hours after the US launch of Nintendo's latest game console, the Wii U, a video game fan claims that he accidentally "hacked" into the console's online component - the Miiverse.

Miiverse

A Wii U user called "Trike" posted on NeoGAF that he had stumbled across a secret debug menu in the Miiverse that gave him access to a Japanese language list of administrators, with seemingly the ability to regenerate passwords and delete the access rights of admins.

"At first it asked me to sign in, because my login information didn't match. Then I pressed a button and it sent me to a list of admins anyway. They had buttons in the same row as the names, and I could "regenerate password" or "Delete Admin" or something along those lines. I didn't do it it because I didn't want to risk getting my god damn Wii U banned on day 1."

"What should I do with this information? Is there anyway I can contact Nintendo about this directly without going through their customer service email crap? Should I let everyone know how to do it? Am I an idiot and this is already well known somehow? I can post pics, but they are going to have to be shitty cellphone pictures. Unless The Wii U has a built in snapshot thing."

"Trike" accompanied his forum post with a series of snapshots of his next generation console accessing the underbelly of the Miiverse, as proof of the apparent security breach.

Debug menu on Wii U

"Trike" also claimed he could view private messages posted by others, and discovered subforums that appeared to be about upcoming (and, as yet, unannounced) games such as "Yoshi's Island Wii U".

Just how much damage a malicious hacker could have done by gaining access to administrator's menus on the Nintendo Miiverse is unclear, but it's certain that it shouldn't be simple for a user to stumble across the network's inner workings.

Fortunately, the security loophole appears to have now been fixed, and "Trike" pointed to a tweet from Nintendo's USA wing announcing that they were conducting maintenance on the site.

Is the apparent security snafu damaging to Nintendo? Probably not. They appear to have resolved the issue quickly, and there is no suggestion that sensitive information was stolen from users, unlike last year's Sony PlayStation network hack where hackers stole the personal data of millions of people.

Of course, that's no reason for complacency. Nintendo and other companies need to treat security and privacy as a priority, or risk generating headlines that will be harmful to their brands and put their customers at risk.

Hat-tip: NeoGAF via ZDNet.

, , ,

You might like

One Response to Nintendo fixes Wii U network after claims of accidental hack

  1. Uh.... So nintendo basically left admin access to the miiverse administer stuff with a PW of admin? Good frickin' job guys, holy hell.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.