Not wanting to start a panic...

... but I just had my Nexon account deactivated for "inactivity or suspicious activity."
Since I'm logged pretty much 24/7, I have to assume it was the second.
Meaning someone tried to hack into my account.

This follows on some reports on Basil and the official forums, about a recent wave of hackings. Apparently all or most are high-profile players in Windia. (I'm in Kradia).

So, time to make sure your passwords are strong, your security questions are hard to guess, and your valuables are locked.

maplestory was the one game that pushed my limits for a ridiculous password length(past 20 characters) due to how the game was handled =X. Albeit I dont play anymore(and alot of people), I'm suprised the hacking waves are starting right now.

database leak ?

Quote:

---

Originally Posted by TidusLoveYuna

database leak ?

---

No idea.

I have never told my account ID to anyone, nor typed it in at any site but Nexon's, but the account is old enough to have been in the database that was leaked some years ago.
The hackers failed to get in, but I don't know whether that was because they couldn't crack the password, or because I was already logged in.

Quote:

---

Originally Posted by SaptaZapta

No idea.

I have never told my account ID to anyone, nor typed it in at any site but Nexon's, but the account is old enough to have been in the database that was leaked some years ago.
The hackers failed to get in, but I don't know whether that was because they couldn't crack the password, or because I was already logged in.

---

ah ok well i changed my pass on my acc just in case :)

Strangely enough, just received the same thing on a mule account of mine. If it means anything, it was associated with the email that I actually use on a daily basis.

Hmm... This is weird. Why target Windia?
(time to change my password again)

According to my Scanian chat group, accounts over there got compromised.

It's probably safe to say to treat this as a database breach/leak?

FYI, this is very likely the result of REDUNDANCY. Basically most people have a tendency to use the same user/pass combination on multiple sites, message boards and the like... so it only takes just ONE of those sites to become compromised (or setup as a honey pot) and then the script kiddies can basically get into EVERYTHING. So make sure you're using a DIFFERENT username and password for every site, or at least different classes, like the same combination for message boards, but then a different combination for actual games.

Quote:

---

Originally Posted by Krysti

FYI, this is very likely the result of REDUNDANCY. Basically most people have a tendency to use the same user/pass combination on multiple sites, message boards and the like... so it only takes just ONE of those sites to become compromised (or setup as a honey pot) and then the script kiddies can basically get into EVERYTHING. So make sure you're using a DIFFERENT username and password for every site, or at least different classes, like the same combination for message boards, but then a different combination for actual games.

---

You do realize over the course of the last 5 years there's been almost 4 separate incidents of mass hackings that the player had no control over, right? Hell the database leak has happened at least twice. I think people went all paranoid after the first one in like, 2010-2011. I mean, that's what you get with shi`tty security.

ffs time to change mah passwurd again.

Didn't some rep from Nexon say they were working on some form of 2 factor authentication at one point in time?

Quote:

---

Originally Posted by Zelkova

ffs time to change mah passwurd again.

Didn't some rep from Nexon say they were working on some form of 2 factor authentication at one point in time?

---

I recall them saying they were considering it, but they never really brought it up again after that. I really think they should get authenticators like blizzard (and many other companies) has.

Quote:

---

Originally Posted by Justin

I recall them saying they were considering it, but they never really brought it up again after that. I really think they should consider getting authenticators like blizzard (and many other companies) has.

---

Even just an app would do. They don't need to get anything physical.

Quote:

---

Originally Posted by Zelkova

Even just an app would do. They don't need to get anything physical.

---

Yeah, anything 2 factor would be incredibly beneficial. The PIC clearly isn't doing squat. Never really has, to my knowledge

Haven't logged in in months, saw this just now and went to the site to try. I'm fine, might change password later if I remember though(probably not).

Quote:

---

Originally Posted by Justin

Yeah, anything 2 factor would be incredibly beneficial. The PIC clearly isn't doing squat. Never really has, to my knowledge

---

It only has prevented the players themselves from playing :excellent:

Huh, you're account can get deactivated for inactivity? I should check mine, haven't logged in in over a year, I wonder how long an account would need to be inactive.

Quote:

---

Originally Posted by Niernen

Huh, you're account can get deactivated for inactivity? I should check mine, haven't logged in in over a year, I wonder how long an account would need to be inactive.

---

I think it takes quite a while, I logged onto a mule that I haven't logged into in close to two years and it was still open

Quote:

---

Originally Posted by Terebii

I think it takes quite a while, I logged onto a mule that I haven't logged into in close to two years and it was still open

---

Which kind of sucks, tbh.
Assuming you have access to your email, the deactivation is actually good for you.

Quote:

---

Originally Posted by SaptaZapta

... but I just had my Nexon account deactivated for "inactivity or suspicious activity."
Since I'm logged pretty much 24/7, I have to assume it was the second.
Meaning someone tried to hack into my account.

---

... and it just happened again.