Curse

blue.rellik · Apr 07, 2011, 12:36 AM // 00:36

Quote:

Originally Posted by Raven Wing

You won´t get any lost items restored.

Quote:

Originally Posted by Anon-e-mouse

I've had NONE of the items I had stolen restored. Unless you are really quick and it's a fairly unique item you might get it back.

I ended up taking a break for a couple of months. I'm now starting to replace what I had stolen.

Thanks for the answers. I think I will be doing the same thing as well. While the things I lost totalled less than 300k by my estimates, they were all things I earned over the years I've played GW and not being someone farms heavily meant they all had some sentimental value. I do think I will be taking a break then restarting again later

Why? · Apr 07, 2011, 02:06 AM // 02:06

Quote:

Originally Posted by Ghull Ka

Well, that and a good password.

since there is no password counter, that doesn't matter, they will get that eventually by randoming it with a computer or 3.

The safest is to not have a NCsoft master account, since most of the breaches occur through that, and not through the GW log in.

NathaleeJ · Apr 07, 2011, 05:59 AM // 05:59

I'm really worried right now, can't help being paranoid about my infos being stolen by those malicious people.

I've had an experience of getting my gaming accounts hacked into and ended up discontinuing it... and now this stuff comes up. I might as well just change my e-mail, but I'm seriously concerned about whether they might be able to hack into my online accounts such as paypal. Here's the article I've read: Epsilon database hack exposes million to phishing attacks. Oh yeah, and I don't even have any way of knowing whether I'm one of those people whose informations got hacked.

I don't know what those people responsible for the company information security were thinking, cybercriminals nowadays are getting more and more creative with their tactics and it seems the security teams are falling behind on their counter-measures. I hope they're seriously doing their research and not slacking off somewhere.

Chthon · Apr 07, 2011, 06:16 AM // 06:16

Quote:

Originally Posted by Ghull Ka

Well, that and a good password.

If NCMA is breached, your GW password can simply be changed. In that sense, "12345" and "K8g%gh^mW90#kdf,&" are equally weak.

So, the situation would be worse if NCSoft were an Epsilon customer rather than A-net.

Swingline · Apr 07, 2011, 06:21 AM // 06:21

Quote:

Originally Posted by Why?

The safest is to not have a NCsoft master account, since most of the breaches occur through that, and not through the GW log in.

Isn't that what the secret questions are for?

If NCsoft still has these cracks in their wall then why don't I see people getting on them about it?

They simply need to just restore peoples characters and items if something like that happens and it was their fault. Its not because they should, its because its just good business ethics. What drew me to GWs was the fact they didnt charge a monthly fee and they seemed like a good company. I learned why many people called them NCshit after a few months when many people I knew had their accounts literally hacked. Some claimed they never responded to phishers or gave their account info out and ANet told them SoL. GW2 better not be like this is all I got left to say.

Swingline · Apr 07, 2011, 06:28 AM // 06:28

Quote:

but I'm seriously concerned about whether they might be able to hack into my online accounts such as paypal.

I dont use paypal anymore because I logged in after a while and my personal info was changed with the remaining $7(lol) taken out. The scary thing is paypal was linked into my bank account. TY god my bank called me before letting the ridiculous withdraws go through and once I told them I didnt make them they went on high alert for my account. I informed paypal but they didnt do anything about finding out who did it, personally I think there was some kind of breach and they kept it hush hush. From then on I try to live as under the radar as possible.

X-Plosiv · Apr 07, 2011, 07:28 AM // 07:28

Quote:

Originally Posted by Swingline

I dont use paypal anymore because I logged in after a while and my personal info was changed with the remaining $7(lol) taken out. The scary thing is paypal was linked into my bank account. TY god my bank called me before letting the ridiculous withdrawls go through and once I told them I didnt make them they went on high alert for my account. I informed paypal but they didnt do anything about finding out who did it, personally I think there was some kind of breach and they kept it hush hush. From then on I try to live as under the radar as possible.

Did it happen around when Paypal was "hacked"?

I'm talking about this.

Swingline · Apr 07, 2011, 08:22 AM // 08:22

Quote:

Originally Posted by X-Plosiv

Did it happen around when Paypal was "hacked"?

I'm talking about this.

No. It was months before that actually. That was a denial of service attack which shutdown the site and its services. I believe my incident was one of many that happened because shortly after I fixed my account I found out that many people had the same problem. When they complained, Paypal told them it was a mistake of some sort on their part and they fixed their info and balances right away. Since I hardly used my account I didn't find out until I logged in to sell a WoW account and the very next morning my bank called me and told me that someone was trying to make large withdraws on Paypal and that's what really told me it wasn't some mistake. They didn't hack my e-mail because the only thing that got hacked was my Paypal account while every other financial site I belonged to was fine. All this pointed to the fact that Paypal probably had a breach themselves.

After this little incident I deleted every account I had with a financial site and will never have one again.

zwei2stein · Apr 07, 2011, 10:22 AM // 10:22

Paypal is something insane people use ... just stay away from it, use institution that has banking license (and is required by law to help in case of security breach and prevented from doing stuff like freezing your account) to handle your money.

@Chthon: yeah, if ncsoft/anet were customers, it could be uglier, still ... it depends on what data were lost. I would still mostly fear phishing (which would have your real info to make it actually beliveable).

Swingline · Apr 07, 2011, 12:01 PM // 12:01

After doing some research it seems many articles from corporate and private sites say the most likely reason this happened is because the people who infiltrated Epsilon are out to phish. They intend to use the other info to increase the success rate of phishing by posing as the company that epsilon had as a customer. So the most important thing you can do is strengthen your passwords and be extremely cautious with the e-mails you receive. I highly doubt they breached Epsilon solely to steal our GWs accounts.

The big question something like this raises is how secure is NCsoft. We know they don't have such a great past with the problems of having a NCMA. Something like the NCMA is supposed to help secure your account yet it makes it a liability and if something happens to your account your screwed even if it was because NCsoft had glitches and bug to bypass their security. A serious overhaul of their systems and software needs to be done but we all know how business' try to save money by prolonging maintenance and inspections. A prime example is the Japan nuclear crisis, the energy company in charge of those plants falsified inspection forms. If they had run routine maintenance on the power plants they would not be in this mess.

cataphract · Apr 07, 2011, 01:35 PM // 13:35

And here I was thinking an epic earthquake got the better of man's feeble attempts at constructing stuff that could actually resist previously mentioned earthquakes. The things I learn every day...

Divinitys Creature · Apr 08, 2011, 12:15 PM // 12:15

Well it's easier than having this coversation 250 million times in chat:

http://www.bash.org/?244321

hey, if you type in your pw, it will show as stars
********* see!
hunter2
doesnt look like stars to me
*******
thats what I see
oh, really?
Absolutely
you can go hunter2 my hunter2-ing hunter2
haha, does that look funny to you?
lol, yes. See, when YOU type hunter2, it shows to us as *******
thats neat, I didnt know IRC did that
yep, no matter how many times you type hunter2, it will show to us as *******
awesome!
wait, how do you know my pw?
er, I just copy pasted YOUR ******'s and it appears to YOU as hunter2 cause its your pw
oh, ok.

Voodoo Rage · Apr 08, 2011, 02:30 PM // 14:30

lmao...............

Draca · Apr 08, 2011, 04:43 PM // 16:43

Quote:

Originally Posted by Dzjudz

This message might as well be:

If you type in any e-mail address, you might type in an actual e-mail address somebody uses for GW.

Brute-forcing into GW. Really?

Agree and this will not effect gw users since they still can't connect your address as gw account.

What might increase is targeted phishing mails for people using the services listed.

As always have a strong pw for your account and never tell anyone that pw and you will be fine.

We don't need more security for gw or ncsoft accounts. Character names also don't help security at all. Simply because both bits of information is things you know. Reason they added it at all is becouse people use qwerty, 12345, abcd as pws