Club Nintendo of Japan has confirmed on a message in their website that Club Nintendo user information was hacked. Accounts have been frozen and they request users log in to reset their passwords.
Nintendo started noticing suspicious activity on July 2, and in monitoring found unauthorized login attempts in the period of June 9 to July 4. Out of 15,457,485 attempts, hackers logged in 23,926 times.
Fortunately, Club Nintendo does not keep credit card information, so nobody's financial information was compromised. What could have been collected were user data such as names, addresses, phone numbers and email addresses. However, there has been no detected attempt to use the information. Likewise, no unauthorized use of Nintendo Points (used to redeem Club Nintendo Rewards, such as toys and accessories) has been detected.
Nintendo has taken steps to heighten security and monitoring measures to ensure no further unauthorized logins have been made. They encourage users to login so that they can unfreeze their accounts and change their passwords.
Nintendo of America's systems were themselves hacked two years ago. At that time, a group of Anonymous/Lulzsec hackers took responsibility for it, as well as some of the ongoing PSN hacks. They claimed they harbored no ill will towards Nintendo, and was only able to get their hands on a configuration file.
Nintendo has long been criticized for not having set up as good an online infrastructure as Sony or Microsoft, but the seeming flip side to this is that Nintendo customers are relatively safer. While today's hack was a bigger compromise, it only affected Club Nintendo accounts and not 3DS or Wii U owners. Any future plans to build up that infrastructure further may be colored by today's events.
