+ Reply to Thread
Page 2 of 16 FirstFirst 1 2 3 4 5 6 12 ... LastLast
Results 16 to 30 of 235
Like Tree74Likes

  Click here to go to the first Rift Team post in this thread.   Thread: Trion Accounts compromised

  1. #16
    Rift Chaser
    Join Date
    Jan 2012
    Posts
    384

    Default

    Quote Originally Posted by Skarsha View Post
    People were raising major concerns that Hackshield, in the past, has provided backdoor access for Hackers. Now, not even a week after the AA beta, multiple people are experiencing this.
    Hackshield is a professional product designed to PREVENT people hacking in online games. It would be commercial suicide for such a program to include any sort of backdoor to actually enable hacking.

  2. #17
    Rift Disciple
    Join Date
    Mar 2014
    Posts
    124

    Default

    Don't know about you guys, but over here we removed all payment methods from Trion and went as far as closing down Paypal accounts that had been linked to Trion. Yes, this means that no money will flow from us into Trion until this is over.

    Also, all passwords have been changed (and now we're having a riot to login until we memo them again ).

    As a precaution, we contacted AmEx to lower the threshold in our cards and we'll be keeping an eye for the next week or two. Even if someone gets to our cards somehow, they won't get a lot out of them...

    Also, I find that Trion is having an extreme lack of care and professionalism.

    There should be a warning about accounts being compromised, especially when massive amounts of money are being siphoned from people's bank accounts.

  3. #18
    Rift Master Shedelin's Avatar
    Join Date
    Jun 2014
    Posts
    682

    Default

    Just changed the password...they will not be instituting credit purchases without going through me...so unless they can figure out how to siphon the security company again, they ain't getting into my account. And I also have 2 of the best firewalls in all of cyberspace protecting me, so unless they can figure out a way to defeat both firewalls AND break into my account, they ain't going anywhere fast.

    Next up: ESO password change...

    Edit: That's been changed to...now let's see how easily they can defeat both firewalls...
    Last edited by Shedelin; 08-07-2014 at 05:15 PM.

  4. #19
    Ascendant Narcise's Avatar
    Join Date
    Jul 2014
    Posts
    2,468

    Default

    Quote Originally Posted by Shedelin View Post
    Just changed the password...they will not be instituting credit purchases without going through me...so unless they can figure out how to siphon the security company again, they ain't getting into my account. And I also have 2 of the best firewalls in all of cyberspace protecting me, so unless they can figure out a way to defeat both firewalls AND break into my account, they ain't going anywhere fast.

    Next up: ESO password change...

    Edit: That's been changed to...now let's see how easily they can defeat both firewalls...
    Yeah. Reminds me.... I need to go change passwords on 6 inactive and 1 active wow accounts.

  5. #20
    Ascendant Techie Will's Avatar
    Join Date
    Mar 2011
    Posts
    6,122

    Default

    Quote Originally Posted by Narcise View Post
    Yeah. Reminds me.... I need to go change passwords on 6 inactive and 1 active wow accounts.
    Great advice for any game, especially with that Russian password list that apparently made the news.

    If you don't use mobile authenticators on services that allow it (Google, Trion, etc.) and you have the ability to, you should. That's one of the ultimate forms of security (barring you don't lose your phone of course).


  6. #21
    Champion
    Join Date
    Nov 2010
    Posts
    509

    Default

    Quote Originally Posted by elektraz View Post
    I was hacked but somehow I never got coin locked so what the GM said was:
    GM Kitsoone: The compromise was not with Rift it was in ArcheAge, therefore the whitelist couldn't kick that IP from logging into the account.
    ME I dont play archeage
    GM Kitsoone: The account was found compromised and purchases were made from a malicious IP.

    They made no attempt to apologize.

    Anyone ever heard of PCI standards???
    The hacker logged into ArcheAge using your account, not that ArcheAge is compromised itself. ArcheAge does not utilize the coin lock system like RIFT does. You read into the statement that AA database was compromised, when all the GM was saying was that the hacker logged into AA not RIFT.

  7. #22
    Ascendant Narcise's Avatar
    Join Date
    Jul 2014
    Posts
    2,468

    Default

    Quote Originally Posted by Techie Will View Post
    Great advice for any game, especially with that Russian password list that apparently made the news.

    If you don't use mobile authenticators on services that allow it (Google, Trion, etc.) and you have the ability to, you should. That's one of the ultimate forms of security (barring you don't lose your phone of course).
    Yeah, they just keep recycling that list.... and people weren't/aren't proactive.... *sigh*

    I have a "smartphone" - I don't use it other than for emergency phone calls. HATE telephones - DETEST them. I am at NO ONE'S beck and call (um yes - I DO identify with Asha in a way).... and goddess forfend I would ever have the need to play games or browse the 'net on one.... I wound up having to do email over my kindle a year ago - that was SO painful I can't even imagine being bothered with trying to really do something online on a 3x5 screen with no real keyboard. [Yeah I'm old.... sue me....]

    My wow accounts (ALL of them) have physical authenticators attached. Still changing the passwords.

    Rift - I did just take all the payment methods off (which meant I had to cancel my auto sub renews.... not happy about that.... don't ASK what I want to do to creeps that can't bother to get a job so they think stealing from we who pay our way is just fine), and changed the passwords (twice.... each.... heh - figure THAT out jerks....)
    Last edited by Narcise; 08-07-2014 at 05:36 PM.

  8. #23
    Shadowlander Cariad's Avatar
    Join Date
    Oct 2011
    Posts
    37

    Default

    It happened to two in my casual guild too, one doesn't play Arch the other does but both on the same connection. grr.

  9. #24
    Prophet of Telara MisterWibble's Avatar
    Join Date
    Mar 2011
    Posts
    1,108

    Default

    Like others in this thread, I can only emphasise the use of multi-factor authentication for online accounts. The Rift authenticator app (which really should be re-branded Glyph authenticator) helps keep people out of your stuff.

    Just a single password, no matter how smart and complicated you think it is, is rarely sufficient, especially with so many services using email addresses for login.

  10. #25
    Soulwalker
    Join Date
    Dec 2013
    Posts
    17

    Default

    I was hit 4-5 days ago. Don't have Archeage, never did. They managed to breach my Trion/Glyph account and maxed out my credit card spam buying Archage founder packs and credits from my Trion Worlds page.

    So I'd say its not Archage, but Trion Worlds main website having crappy security.

    Got all the fraudulent and unauthorised purchases refunded, removed any payment method details.

    Wasn't gonna say anything, thought I was unlucky loner. Guess I was wrong.

  11. #26
    Champion
    Join Date
    Aug 2012
    Posts
    524

    Default

    so still no official statement, warning, etc.?

  12. #27
    Soulwalker
    Join Date
    Mar 2014
    Posts
    8

    Default

    day or 2 ago i logged onto see my account was coin locked. my ip has not changed. nothing was gone so i wasnt to concerned.

    need to change my password. just deleted my payment method.

    just hope nothing shows up on credit card. ill be really PO then

  13. #28
    Ascendant Techie Will's Avatar
    Join Date
    Mar 2011
    Posts
    6,122

    Default

    Quote Originally Posted by stonelotus View Post
    so still no official statement, warning, etc.?
    Probably because they do not likely have an issue on their end.


  14. #29
    Ascendant Techie Will's Avatar
    Join Date
    Mar 2011
    Posts
    6,122

    Default

    Quote Originally Posted by Lone500 View Post
    day or 2 ago i logged onto see my account was coin locked. my ip has not changed. nothing was gone so i wasnt to concerned.

    need to change my password. just deleted my payment method.

    just hope nothing shows up on credit card. ill be really PO then
    IP addresses are just one thing coin lock uses. They have many more things it looks for, from MAC addresses of Ethernet or wireless connections, to windows installation IDs.


  15. #30
    Plane Walker ArcticGypsy's Avatar
    Join Date
    Jan 2014
    Posts
    424

    Default

    Over the years have seen so many security breaches with games. Sony had a massive breach a few years ago. Can't be too careful these days.

    We have since made it a point to never link a game account with credit card / paypal, and to keep logins / passwords different.

    Anything we do is 1-time and then we disassociate the payment method with the game. It's a pain in the @ss to have to keep entering our info anytime we want to do anything, but it's a safer way to do things. We have also used prepaid credit cards with some games.

+ Reply to Thread
Page 2 of 16 FirstFirst 1 2 3 4 5 6 12 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts