Not wanting to start a panic...
... but I just had my Nexon account deactivated for "inactivity or suspicious activity."
Since I'm logged pretty much 24/7, I have to assume it was the second.
Meaning someone tried to hack into my account.
This follows on some reports on Basil and the official forums, about a recent wave of hackings. Apparently all or most are high-profile players in Windia. (I'm in Kradia).
So, time to make sure your passwords are strong, your security questions are hard to guess, and your valuables are locked.
Re: Not wanting to start a panic...
maplestory was the one game that pushed my limits for a ridiculous password length(past 20 characters) due to how the game was handled =X. Albeit I dont play anymore(and alot of people), I'm suprised the hacking waves are starting right now.
Re: Not wanting to start a panic...
Re: Not wanting to start a panic...
Quote:
Originally Posted by
TidusLoveYuna
database leak ?
No idea.
I have never told my account ID to anyone, nor typed it in at any site but Nexon's, but the account is old enough to have been in the database that was leaked some years ago.
The hackers failed to get in, but I don't know whether that was because they couldn't crack the password, or because I was already logged in.
Re: Not wanting to start a panic...
Quote:
Originally Posted by
SaptaZapta
No idea.
I have never told my account ID to anyone, nor typed it in at any site but Nexon's, but the account is old enough to have been in the database that was leaked some years ago.
The hackers failed to get in, but I don't know whether that was because they couldn't crack the password, or because I was already logged in.
ah ok well i changed my pass on my acc just in case :)
Re: Not wanting to start a panic...
Strangely enough, just received the same thing on a mule account of mine. If it means anything, it was associated with the email that I actually use on a daily basis.
Re: Not wanting to start a panic...
Hmm... This is weird. Why target Windia?
(time to change my password again)
Re: Not wanting to start a panic...
According to my Scanian chat group, accounts over there got compromised.
It's probably safe to say to treat this as a database breach/leak?
Re: Not wanting to start a panic...
FYI, this is very likely the result of REDUNDANCY. Basically most people have a tendency to use the same user/pass combination on multiple sites, message boards and the like... so it only takes just ONE of those sites to become compromised (or setup as a honey pot) and then the script kiddies can basically get into EVERYTHING. So make sure you're using a DIFFERENT username and password for every site, or at least different classes, like the same combination for message boards, but then a different combination for actual games.
Re: Not wanting to start a panic...
Quote:
Originally Posted by
Krysti
FYI, this is very likely the result of REDUNDANCY. Basically most people have a tendency to use the same user/pass combination on multiple sites, message boards and the like... so it only takes just ONE of those sites to become compromised (or setup as a honey pot) and then the script kiddies can basically get into EVERYTHING. So make sure you're using a DIFFERENT username and password for every site, or at least different classes, like the same combination for message boards, but then a different combination for actual games.
You do realize over the course of the last 5 years there's been almost 4 separate incidents of mass hackings that the player had no control over, right? Hell the database leak has happened at least twice. I think people went all paranoid after the first one in like, 2010-2011. I mean, that's what you get with shi`tty security.
Re: Not wanting to start a panic...
ffs time to change mah passwurd again.
Didn't some rep from Nexon say they were working on some form of 2 factor authentication at one point in time?
Re: Not wanting to start a panic...
Quote:
Originally Posted by
Zelkova
ffs time to change mah passwurd again.
Didn't some rep from Nexon say they were working on some form of 2 factor authentication at one point in time?
I recall them saying they were considering it, but they never really brought it up again after that. I really think they should get authenticators like blizzard (and many other companies) has.
Re: Not wanting to start a panic...
Quote:
Originally Posted by
Justin
I recall them saying they were considering it, but they never really brought it up again after that. I really think they should consider getting authenticators like blizzard (and many other companies) has.
Even just an app would do. They don't need to get anything physical.
Re: Not wanting to start a panic...
Quote:
Originally Posted by
Zelkova
Even just an app would do. They don't need to get anything physical.
Yeah, anything 2 factor would be incredibly beneficial. The PIC clearly isn't doing squat. Never really has, to my knowledge
Re: Not wanting to start a panic...
Haven't logged in in months, saw this just now and went to the site to try. I'm fine, might change password later if I remember though(probably not).
Re: Not wanting to start a panic...
Quote:
Originally Posted by
Justin
Yeah, anything 2 factor would be incredibly beneficial. The PIC clearly isn't doing squat. Never really has, to my knowledge
It only has prevented the players themselves from playing :excellent:
Re: Not wanting to start a panic...
Huh, you're account can get deactivated for inactivity? I should check mine, haven't logged in in over a year, I wonder how long an account would need to be inactive.
Re: Not wanting to start a panic...
Quote:
Originally Posted by
Niernen
Huh, you're account can get deactivated for inactivity? I should check mine, haven't logged in in over a year, I wonder how long an account would need to be inactive.
I think it takes quite a while, I logged onto a mule that I haven't logged into in close to two years and it was still open
Re: Not wanting to start a panic...
Quote:
Originally Posted by
Terebii
I think it takes quite a while, I logged onto a mule that I haven't logged into in close to two years and it was still open
Which kind of sucks, tbh.
Assuming you have access to your email, the deactivation is actually good for you.
Re: Not wanting to start a panic...
Quote:
Originally Posted by
SaptaZapta
... but I just had my Nexon account deactivated for "inactivity or suspicious activity."
Since I'm logged pretty much 24/7, I have to assume it was the second.
Meaning someone tried to hack into my account.
... and it just happened again.