Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
MMORPG.com Database Hacked??
This discussion has been closed.
It looks like you're new here. If you want to get involved, click one of these buttons!
Comments
The moral of the story is to keep forum passwords and game passwords different. Also, for each mmo game you own, make sure each has its own unique password.
Now theres those people that have so many games and so many websites they visit that use passwords. So how does one keep track of them all and make sure you are not duplicating passwords and user names?
Simple. Create a database using excel or the like and store the info on it. But DO NOT SAVE THE FILE ON A PC. Store it on a thumb drive or a CD-RW. Keep it in a safe secure place in your home and never take it with you to work, friends house, etc. Also never keep the thumbdrive or CD-RW with that file inserted in the PC unless you are using it to update or look up information.
This will insure that the file cant be accessed from an outside source. Only thing that may get a hold of your passwords at that point is if a keylogger or other malicious program sneaks on to your system.
Note: Do not keep financial institution website (bank, stock market, retirement, or the like) user/passwords information in the file incase someone was to find that info, either through burglary or a nosy relative. In fact, you really should commit those to memory and also keep each with its own unique password and user name.
When making passwords make sure they are long, use a combination of both capital and lower case letters, and use symbols and numbers.
IA isnt a career
i can list 90% of your work with one url
http://iase.disa.mil/stigs/
edit - sorry if im coming off as a jerk, i just like having fun with IA people, you always make work harder for the engineers
Actually the more likely scenario is that fansites and such have had there security compromised. The risk is minimal and the rewards turn out more often than not to be more than worth what little risk there is. Sites like MMORPG.com do not have your CC info or anything that would be considered sensitive. The only thing someone could gain would be an email address and passwords for this site. This means that a site like MMORPG.com uses adequate security measures for the type of information it's housing but not excessive security measures that would add unjustified finacial burden on them.
A company like NCsoft is not impervious to having its security compromised but there is a great more risk involved so most don't go that route and when they do they tend to go after credit card and more sensitive information. It's not very likely at all that they would go through the hassle of bypassing the level of security a company like NCsoft has for something as piddly as your user name and password. The reward simply does not justify the risk. If thats all they were going after and managed to get in then they are amateurs and if they are amateurs they wouldn't likely get in.
Now if you go back and re-read this site actually did have it's security compromised a few years ago. Curse... dear lord don't even get me started on that site lol. Many gaming site, professionally done and fan based have been compromised over the years repeatedly. If you use a user/pass that you have used on those sites you are asking for your account to be taken and odds are it will eventually.
Me personally I have a email for spam "Thank you for comming to our store, if you get our rewards card you will save money all we need is an email address!" they get my spam email. For general emails on sites like this I give them my standard address that I check for news and updates. For a game account every game warrants a new account. Then I have a private account for business purposses.
I always use a new password when I set something up and I have a habbit of changing them every 6 months.
I am mildly paranoid when it comes to online security, this has kept me pretty safe over the years.
Thanks for the absolutely useless post, hope you got off by writing it.
I'm actually enjoying the anger and resentment involved with me posting some basic credentials in a post. I must have been totally naive not to realize that they would actually discredit me.
You can think I'm a lying, loser, janitor if it makes you feel better about yourself, I was simply trying to help my fellow MMO players.
"I understand the confusion. I never said that you are not good at what you do. It’s just that what you do is not worth doing."
I'll let you guess from which series it is but that's the gist of the other posters:P
Doesn't MMORPG.com use password hash to sign in?
I'm gonna freak out if they don't.
Ultima Online 98~04
Dark Age of Camelot 03~07
Final Fantasy XI 04~06
Guild Wars 05~08
World of Warcraft 04~05
Unsuccessful Tries: DFO/EQ2/DRaja/Rag/Req/RYL/9D/Cabal/KO/PSU/RF/GE/TO/TR/DDO/EVE/LoTRO/L2/RZ/SWG/VG
It is not infeasable at all. I write all of mine down in a notebook. I write them down because they are strings of random numbers and both lower and upper case letters. Then....place said note book in the safe in my room. If you are willing ot break into my house and steal my notebook, you win.
Edit: Typo
Come on...posts like these make me laugh. I'm an IT professional as well and I don't use a unique password for every single site I visit either. That does not make what I do irrelevant, but I do the same with the sites I really don't care about getting hacked in using the same password. I laughed out loud at the person who dismissed the OP and then said any educated person knows you only have to run a virus scan once a month...our scans for our company are set at every 2 hours and every now and then stuff still can get through. You don't need a virus for your password to be stolen, there are many other ways to do it. It's sad that the OP comes on with a legit concern and gets flamed for it, assuming his credentials are true which I have no doubt they are.
Played: EQ1 (10 Years), Guild Wars, Rift, TERA
Tried: EQ2, Vanguard, Lord of the Rings Online, Dungeons and Dragons Online, Runes of Magic and countless others...
Currently Playing: GW2
Nytlok Sylas
80 Sylvari Ranger
Ditto. I have over 20 years of IT experience. I stated out as a unix admin and programmer back on SunOS and Digital Unix. I have since moved into enterprise networking and security. I currently manage the UC and Network Engineering teams for a large 10,000 node medical network, that I personally designed and stood up.
If the OP's comments made the idoits on this forum mad for quoting off his creditentials than I am sure my post will make them truely livid.
What peeps do not seem to not understand is that hackers have been harvesting and cross-referencing our accounts and passwords from MANY websites for years. In other words it is not just one or two websites and games that failed you, but dozens if not more!
Please move this post to the general gaming forums...
I dont see a relationship to GW2
Best MMO experiences : EQ(PvE), DAoC(PvP), WoW(total package) LOTRO (worldfeel) GW2 (Artstyle and animations and worlddesign) SWTOR (Story immersion) TSW (story) ESO (character advancement)
This just happened to me. I recieved that same email change notification, and now can't login to my account. I did NOT buy through MMORPG. My password was NOT the same.
This is a issue with GW2 site, NOT MMORPG.
WTF Arena net.
how old was that account on mmorpg.com that you believe was hacked?
because a few months ago the site here was hacked.
Philosophy of MMO Game Design
*Looks at join date, looks at person, looks at join date again*
Erm
Whats the matter with you people?
The OP has posted clearly in good faith, and with the intention of helping other people avoid what happened to him. First reaction was saying he was a liar and he was making everything up. Then an MMORPG administrator admits the story he is telling is probably truth (btw, MMORPG didnt inform us of that breach of security, bad for them). As we cant call him a liar anymore, we mock his job, his mistake and probably his football team if he has any.... Ofc he made a mistake....he is making it public for your benefit. I for one am thankful towards anyone who cares about my accounts not being hacked, so thank you OP.
It's his language. The things he says doesnt rate him as an IT security professional. There are plenty of cases of websites being breached, credit card numbers stolen and things a lot worse than a bit of game drama. Relying on SOHO anti malware for client protection is what most of us would do at home, but to hold it as a paragon of defense belies his inexperience.
2 years ago i got in a discussion with a dick here on this site (he bragged about joining guilds, robbing their banks and leaving them) I called him a sociopath. He started joking about my "expert knowledge" and asked me if i learned a lot about sociopaths while i was flipping hamburgers. I made the mistake of telling him ive been a practicing clinical psychiatrist for 17 years so, yes , i had expert knowledge on the fact. Lots of people proceeded to demonstrate how i was lying: someone with that kind of studies couldnt make so many grammatical and spelling mistakes as i made. I was just making it all up. Fun fact is it was all true. Im spanish, english is a learned language for me and ofc i make mistakes when i write in it- dont be so hasty to play Sherlock on other forum members, you may just overdo it-
MMORPG staff conceded that the facts he is stating are probably truth (they are consistent with the dates of a security breach they didnt make public) Thats good enough for me.
I dunno .. a Gw2 gaming forums being hacked, both Yahoo and Nividia being hacked ( In July I believe ) it's a lot of emails etc for people to try
Actually, it was stated that we did inform everyone back in 2010.
To give feedback on moderation, contact [email protected]
dont forget blizzard being hacked
could be 30 million+ emails from players that ever played WOW, Starcraft 2, Diablo 3 or any battlenet game
(Blizzard never gave numbers)
http://us.blizzard.com/en-us/securityupdate.html
Some data was illegally accessed, including a list of email addresses for global Battle.net users, outside of China.
EQ2 fan sites
If i got the facts wrong, i apologize
The hostility to the OP isn't really shocking. GW2 fans that haven't been hacked are up in arms anytime someone claims there is any reason other than people practically posting their password for all to see for these hacks.
I am inclined to agree with the OP that MMORPG.com is a good candidate for how this happened as it's the only gaming website I go to and use the same email that I used for GW2.
Please visit my youtube channel for some H1Z1/DayZ casual roleplay videos!
https://www.youtube.com/channel/UCrQoK5VZlwBBzpsksmXtjMQ
They are and those of us with common sense thank you for your posting this information. It's been said that people have had the suspicion that those hacked were using the same info on these type websites and the game. that's the best explanation i've heard so far as to how this is happening to so many people.
This thread has runs its course.
Locking it up.