14th ranked streaming HC player Prozon hacked just minutes ago.Pictures included.
Okay. I am very glad we caught this fast. Thank you very much for posting this thread with info.
Someone impersonating the account owner persuaded one of our support workers to change the email address on the account. This has only happened to this one account and this will never happen again. We have clear policies on this to keep accounts safe and we will not tolerate the policies being broken by our staff. Our policy is to never trust incoming email as a source of proof of account ownership. In this one case a spoofed email was trusted by a customer support agent. We have talked to customer support and they now fully understand about spoofed emails. My initial reaction that the account was sold/stolen was based on the email address being changed (which requires the owner of the account to do so). We have restored the account, characters and its items. Thankfully there was no economic impact. We will restore his character's hardcore ladder position but this may take several days. In this case it is 100% our fault that it was compromised and I am deeply sorry. On a happier note, the work on the new security measures we're implementing is going very well and the "one week" estimate that I posted about here may be just 1-2 days. As I explained in that post, almost all "hacked accounts" are due to people losing passwords because the passwords are used with other online services (or because there's malware installed). This case here with Prozon's account is very different than normal hardcore deaths and/or password theft because it was directly due to our customer support member making a mistake. Last edited by Chris on Feb 20, 2013, 9:52:48 PM
| |
I'd just like to say I am very impressed with seeing issues like this resolved instead of getting the generic "we do not these discuss publicly" that most online games favour.
| |
I'd recommend permabanning the IP address that had successfully been logging into his account if it's static.
| |
Probably using a vpn/proxy. So ip banning is useless.
| |
I would have LOVED to have been a fly on the wall when that discussion with customer support was taking place.
Glad this was all figured out. Does Prozon even know yet? | |
" Won't help, odds are good he's on a dynamic IP and some other random person will end up banned - and that's assuming the hacker(s) didn't even try to conceal their IP. | |
Kudos for admitting the actual problem and letting us know about it. One thing to say that it got hacked, another entirely to admit you guys were at fault and how it actually occurred. Takes a real man to admit you made a mistake.
Might be the first time I've actually seen this in a company. |
|
" I'm PMing him! | |
oh man your kidding me, hacked and back into the hardcore ladder, this should not be any exception in my mind, people die from alot of things, hacks happen, etup server crash death and still on HC reroll back was total bs to, im glad he died finally offically
but for real, you are gonna get so many I got hacked is why I died bs now, can't blame your support staff for being a sucker into this either, it happens aswell, but man back on the ladder /sigh I've never been hacked in my gaming online life of 15 yrs or so, but I'm sure if I did. I wouldn't as much cry I need to be back on the ladder than think there os no possible way I should be brought back to life. And Chris you are a good guy to, you responded back to my vendoring chain and no way to get it back, it was my fault. Just my thought on the back on ladder matter of hacked brought back to life thoughts. Poeple will try to scam this now. Just keep doing a good job btw though. Last edited by cavespro on Feb 20, 2013, 10:05:24 PM
| |