http://masterherald.com/steam-hit-by-major-security-breach-many-accounts-hacked/23239/
The gist of it is, Steam was cracked, many Steam accounts were hacked, but Steam didn't notify it's users. In my opinion, that's negligent...in a major way. With today's problem with internet breaches, providers should be prompt and proactive in notifying their user base, as breaches tend to not only affect a person's service account, it can also affect finances and credit. There's a lot of gray or overlapping areas where breaches are concerned. If a game service provider is hacked and credit card data is tied to the account, purchases can be made internet-wide. As well, home address information tied the the account can be used to open lines of credit against your name.
I really think that there should be laws that govern how businesses interact with their customers when breaches occur. There should be no more waiting when there's a time criticality tied to most breaches.
Showing posts with label breach. Show all posts
Showing posts with label breach. Show all posts
Monday, July 27, 2015
Saturday, July 18, 2015
Origin Account Hacked!
My Origin account got hacked today. Was out shopping and missed the "your password has been changed" e-mail from Origin. I saw it maybe an hour later, and immediately submitted a trouble ticket. They called me immediately (within a minute of creating the trouble ticket). Whoever made the change was able to guess the answers to my security questions (WTF).
They also changed the e-mail address associated with the account to "garryjhonson98@gmail.com". They changed the origin ID to "ENFIELD_Hare_Gr".
The EA agent reverted back to my original e-mail address and set up new security questions. He changed the Origin ID to something else. He also set up login verification (that wasn't active on my account) and tied it to my phone number so that any future password changes would be directed to my phone...if they don't have to code sent to my phone, they can't change anything on the account.
He also told me to check my friend list, as they tend to add themselves to the list after hacking accounts (so that they might be able to try again later).
I've no idea how they were able to know my login and guess my password, as well as the answers to my security questions. Luckily, no purchases were made, as I had a credit card linked to the account.
I'm sharing all this in case this person is jumping between people's friend lists.
UPDATE - 8/4/2015: Noticed another hack attempt...Origin sent me a security code via text, meaning someone tried to access my account but won't be able unless they can retrieve the security code that was sent to me (via phone).
They also changed the e-mail address associated with the account to "garryjhonson98@gmail.com". They changed the origin ID to "ENFIELD_Hare_Gr".
The EA agent reverted back to my original e-mail address and set up new security questions. He changed the Origin ID to something else. He also set up login verification (that wasn't active on my account) and tied it to my phone number so that any future password changes would be directed to my phone...if they don't have to code sent to my phone, they can't change anything on the account.
He also told me to check my friend list, as they tend to add themselves to the list after hacking accounts (so that they might be able to try again later).
I've no idea how they were able to know my login and guess my password, as well as the answers to my security questions. Luckily, no purchases were made, as I had a credit card linked to the account.
I'm sharing all this in case this person is jumping between people's friend lists.
UPDATE - 8/4/2015: Noticed another hack attempt...Origin sent me a security code via text, meaning someone tried to access my account but won't be able unless they can retrieve the security code that was sent to me (via phone).
Subscribe to:
Posts (Atom)