My account was hacked and how it's been handled so far.

**Harmonium** · 09-12-2013 08:07 AM

You maybe get a trojan or a spy thing on you'r computer, from anywhere on the net you know.

Shit happen...

Hang on dude :/

**Cal** · 09-12-2013 08:13 AM

Originally Posted by LordMaitreya

Most of them are gil buyers and are getting key logged on the rmt websites. Just like every other game............................

In this case some other game was hacked (I heard it was League of Legends)and these people PROBABLY used the same userid and password on both games.

**Riviere** · 09-12-2013 08:14 AM

You don't have to buy gil to get hacked, you're underestimating hackers. When AION launched, the hackers managed to bypass accounts and gain access to the character database directly, they didn't need to find out user names or passwords. They also get this information from sites like guildlaunch, enjin, curse, etc.

People are always too quick to accuse people that get hacked and call them gil buyers or cheaters.

**10TailBeast** · 09-12-2013 08:15 AM

All this hacking talk made me change my password to a much stronger one that isn't used anywhere else.....and I'm on PS3.

**Dorin** · 09-12-2013 08:17 AM

From the FFXIV launcher:

Currently, we have confirmed that a third party is using account names and passwords, thought to be obtained from security breaches of other companys' online services, in attempts to gain unauthorized access to Square Enix accounts.

If you are using the same account name or password as your Square Enix account on other online services, there is a much greater chance that a security breach at any of the other online services could potentially lead to your Square Enix account being compromised.

Question for the OP: Do you use the same password for your FFXIV account that you use for ANY other service? Any of them? Try to remember please, this could help more people.

**Ryujin_Ketu** · 09-12-2013 08:23 AM

Originally Posted by Dorin

From the FFXIV launcher:

Currently, we have confirmed that a third party is using account names and passwords, thought to be obtained from security breaches of other companys' online services, in attempts to gain unauthorized access to Square Enix accounts.

If you are using the same account name or password as your Square Enix account on other online services, there is a much greater chance that a security breach at any of the other online services could potentially lead to your Square Enix account being compromised.

Question for the OP: Do you use the same password for your FFXIV account that you use for ANY other service? Any of them? Try to remember please, this could help more people.

I can't think of any Dorin :-/ And I'm thinking back a long time ago, even to my D2 days. This is the first time I've had anything of mine hacked to be honest. Can't tell who I'm more upset at, SE or the hacker.

**Tupsi** · 09-12-2013 08:28 AM

If you're positive you did nothing shady (no one will admit it anyway..) there's a good chance you use the same info in multiple places - I can assure you no one can randomly figure out your info out of the blue, no hacker or hack tool is that good, they need something to go on. SE IDs can't be "guessed" unless your ID for example is Ryujinketu which matches your in-game and the rest is brute force history.

**Crushbone-Hammerfist** · 09-12-2013 08:29 AM

People who make these posts are NEVER at fault. It's the only service with that password, the password is 20-30 characters long, their computer has never had a virus or malware or Bonzi Buddy. Usually these guys will come back later and explain that they have a job in IT and that's why it's impossible that there is any fault on their end.

It was either Rift or Guild Wars 2 where hackers were able to bypass login screens and gain access to characters directly. This lasted a few days or weeks before a player found the security hole and helped the company fix it. Other than these extremely rare circumstances, it's ALWAYS the players fault.

The fact that the hackers got in only after the token was disabled pretty much confirms that they got your username and password from another service. Another MMO, website, or compromised email. Earlier this year, Ubisoft had all username and password logins stolen. If you've ever had an Ubisoft account, or played their games online, that's just one of many avenues. And that's the only company that admitted to it recently.

I have a bad habit of using the same password for all online games. That should be had, because a few years ago a friend of mine was hacked because he'd used the same password for everything for ten years. After the Ubisoft hack I had to change passwords on dozens of old services i never use anymore because credit card info was still on there. Tedious, yes. But I've never been hacked so it seems worth it.

**Stryker** · 09-12-2013 08:29 AM

I have a security token that came with my 1.0 CE. I don't understand why you had to call them to deactivate it. There's an option on the account services website that allows you to activate and deactivate the device. That being the case unless you're at work and don't have it, it sounds too fishy to be true.

I also don't understand how they can "freeze" the token but it's still attached and works. If the token is still attached to your account then it would have to be activated to log into your account. Or the "frozen" code would have to be used. There's no way a hacker could have taken your past information and successfully guessed a random 6 digit code that just happened to be frozen. I mean yeah they could brute force it, but I think it locks you out after so many attempts, not to mention they would probably rather go for an easier target.

Unless the SE reps are selling the account which could be a possibility your entire situation seems highly unlikely. That's not to say it didn't happen, but I'm no Columbo and I can see many discrepancies in your account.

Oh and I just reread your initial statement. You said you got a new password and registered your 1 time token. How would someone get access to said 6 digit code on your phone? Did they clone your phone too to get that? What I don't understand is that if you did all these steps, which by the way is more protection against fraud than most bank accounts have. Why didn't said hacker just hack someones account or multiple peoples accounts for a total of $200, buy the game and then just play a new character that way.

Personally I've taken beer shits that stink less than this whole story. I call shenanigans.

**Aqua_Amaiyo** · 09-12-2013 08:34 AM

Truthfully there are so many ways to which a hacker can obtain your info.

I've been hacked in previous games and had no clue as to how I was hacked. Alot of people said it was through a program running in the background that obtained my I.p, etc etc via whispering me or something I'm not sure.
Then another way which was confirmed by the company at one point was that I was hacked because I bought something off the market place and they obtained my info that way. I have no idea if SE allows users to know who bought what via market place but that same fear from back then still sticks around. Hell im STILL not sure how Gil sellers or hackers even get my name to whisper me even when I'm quiet in-game and no where near town.

Thread: My account was hacked and how it's been handled so far.

Thread Tools

Search Thread

Display