Nov 16, 2010

EQ2 account hacked!!

That’s right, I finally logged into EQ2 after a new baby break of nearly 2 months to find my characters naked (apart from appearance armour), all cash gone and the fact I’d supposedly withdrawn all the cash from my guilds bank, annoyed doesn’t describe it! All this in the few days before I logged back on.

With the other half and baby away for a week I decided now was the time to get back into EQ2 and signed up to join my guilds Monday group night. I was looking forward to playing again with people I count as friends and had missed gaming with my guild over the last couple of months. I patched the game logged in and was greeted with the above news!

I also spotted a new level 1 character called Ukokool which had obviously been created to sell the plat or move it into another account via my shared bank.

I am usually careful with logins and PC security, I’m a web dev so security is something I have to think about daily. I have used the same user/pass on a couple of other things than my SOE account, one was an MMO though both are secure and have now had their password’s changed.

Openedge had his Guild Wars account hacked recently and a member of my guild had her account hacked after a period of inactivity. Another member of my guild did suggest that the leak could be internal to SOE which is always a possibility as many credit card frauds are inside jobs these days.

I have petitioned SOE to look into the problem and am hopeful I can get things restored, here is their response to my petition.

Hi there Yetian,

Thank you for contacting Sony Online Entertainment regarding your compromised account. I completely understand your frustration, and I appreciate this issue being brought to my attention. I have taken a look at this and have confirmed the compromise.

To prevent any further damage from occurring, I have terminated all game subscriptions on this account (Station Name: *********) pending ownership verification and the securing of the account through our Technical Support department. After this has been completed, we may investigate what had occurred in-game as a result of the compromise.

In order to re-secure your account, we’ll need to verify your identity so that whatever third party that compromised your account can’t just get right back in. To that end, you can either reply to this email directly with the following information, or if you aren’t comfortable with that, give us a call at 1-858-537-0898 with this information handy, and we’ll be happy to get this process started.

- Last four digits of the credit card used to bill the account:
- The name on that card:
- The COMPLETE billing address:
- Current Answer to your Security Question:
- Account / Registration Key (usually found on the back of your CD case or on the instruction manual):
- Real Name:
- E-mail Address:
- Station Username:
- Birthdate:

If neither of those options work for you, we also can help you via live chat – details on that and the rest of our Technical Support channels can be found here: http://www.soe.com/support under the Technical Support section. I hope that this reaches you well, and that we can get you sorted and back in game as soon as possible!

Sincerely,

Senior GM Malovari
In-Game CSR – EverQuestII
Sony Online Entertainment

I’ll keep you updated with how this goes in case anyone’s interested.

6 Comments

  • Good luck! I had that happen in WoW and it really was such a pain. I had to wait several weeks to get my things back. I was so glad though when I finally did.

    I've never had my EQ/EQ2 accounts stripped though. Ugh.. I feel for ya!

  • I'm thinking here more strongly to change my passwords around after a few years of inactivity there.

    The problem I'm seeing is hinting at WoW being the leak here in several cases (which I used to have an account for), if there is an insider handing out passwords I'd prefer to not get stung across multiple MMO's, although I'm loathed to change passwords that I've gotten used to over the years :P

    What worries me here with SOE is that they seem to rely on your original credit card details to confirm identity. If that's something that has been changed its tricky to find what it was :P

    Good luck, its another reason though to despise the people who buy plat fueling this sort of thing.

  • All I can possibly imagine is some forum maybe got hacked (very possible) and they retrieved some basic data.

    For example, on my EQ2 account, to change the password you only need the ID and one answer to a "secret" question.

    Some forums have only one way to secure their passwords, and it could have been the same question.

    Security needs to be changed for MMO's now. I remember being upset about Battle.net and it using an email address. The fact you can change that ID though was tantamount to a better security measure to me. Since I changed that ID, I get zero spam mail and no attempts made to that account…period.

    I think all MMO's need new layers of security…and maybe authenticators need to be a new rule of thumb.

  • Hi, I'm sorry to hear about your account being hacked…I just had my password hacked also and a bunch of plat from my shared bank stolen in EQ2 on Bazaar server while I was gone for six days over Thanksgiving. Luckily one of my guildmates talking to him on our guild voice chat channel seemed to scare the thief off and he logged before stripping my characters of everything. Did SOE ever restore what was taken from you and your guild? I have entered a tech support trouble ticket but have yet to get any response from them at all, not even the courteous one that you received. Maybe there's a ring of these thieves, and maybe it is indeed an "inside job". Cheers…

    • Hiya,

      Sorry to hear about your account. I did get mine restored in fact there is a post on here explaining what happened.

      I hope you manage to get everything back and that it didn't ruin your thanksgiving.

  • Hey I got my account hacked when I returned to eq2 after it went f2p, and all my stuff was gone, I sent in a ticket to soe and they said they would be happy to restore all my stuff once I subscribed again because f2p players aren’t allowed that. I’m sure it was hacked because soe had that security breach and warned everyone that your accounts may be compromised.

    Can you believe the bs?

Leave a comment