Nov 04, 2009, 02:46 PM | #2 | Administrator
I've reconsidered keeping this a discussion thread. I would like the user's experience and the ArenaNet responses to really just stand for themselves. Accusations can fly back and forth and I would rather make sure that everyone is aware of information firsthand rather than leave it up for speculation and debate.
Quote:
Originally Posted by Gaile Gray
I have been actively discussing the stolen/hacked account issue with devs inside ArenaNet and with a number of NCsoft team members, as well. We have many teams involved -- programmers, network team members, security team members, etc. -- so you can be sure this situation is being given a great deal of focus and attention.
While I cannot and would not say flat out that "It's not (something or other)" because we don't have enough information yet to make that statement, I can tell you that we carefully spot-checked a few accounts last evening, and at least one of them was not tied to a NCsoft Master Account. The hacked account was a straight Guild Wars account with no association whatever with the NCsoft site. So theorizing that there is a breach or a window of hacking opportunity on that site -- and that such a weakness is resulting in stolen accounts -- seems inaccurate, given the facts in front of us.
In my opinion, it would be an error to combine posts about accidental blocks for fraud and posts about stolen accounts. They are entirely different situations, and should be discussed separately, as they are being handled differently. I've already informed you as much as I am able about the fraud issue just above. (See this conversation, please.) And as I said, stolen accounts are a very different case. Both situations are being reviewed and both are being addressed as quickly as possible.
Everyone who gets an in-game message saying his or her account is blocked should contact support. If your account was hacked, you will most likely receive a message when you try to log into the game that says the account has been terminated. This is for your own protection, an attempt to prevent the RMT thief from stripping the account or using it to advertise gold sales. (Of course we cannot guarantee that the account will remain intact; the items may already have been harvested. But we lock down the account as quickly as possible in your best interests and will unlock it when you contact Support.) When writing, provide the error message that you received so that the team can quickly align your issue -- hacked account or erroneous "fraud" ban.
Please let me know if you have further questions and I will help as much as I am able to do so. Thanks for reading this and please feel free to share this with others, as you see fit. -- Gaile 19:57, 4 November 2009 (UTC)
I want to point out that the forum has two separate threads on the ongoing issues of account theft and accounts accidentally marked for "fraud." That will help keep the conversations topical and of more value to the individuals who are affected. -- Gaile 20:27, 4 November 2009 (UTC)
http://wiki.guildwars.com/wiki/Feedb..._Account_Hacks

Nov 05, 2009, 01:25 AM | #3 | Administrator
Updates on those with 045 errors:
Quote:
Originally Posted by Gaile Gray
Erroneous Fraud Blocks: 1 Nov 2009
On Sunday, November 1st, a few Guild Wars accounts were erroneously blocked for payment fraud even though their purchases were entirely legitimate. It is necessary for the company to be very careful about fraud because it is a significant issue these days, but the Support Team discovered this morning that, unfortunately, a few innocent folks got caught in the net yesterday, and for that we apologize.
The Support Team is aware of this situation and is actually shifting personnel to deal with the issue. They will be responding to tickets as quickly as they can. Reinstatement takes a bit of time because each key must be adjusted manually (and some accounts have many keys), so please be patient while the team strives to remedy the situation. If your account was affected and you have not been reinstated by tomorrow evening (Tuesday, November 3rd) please feel free to post your Support Incident Number here and I will look into the matter for you. Again, we extend our sincere apologies for this mix-up! -- Gaile 19:51, 2 November 2009 (UTC)
Update: 2 November 2009
Those players who were involved in this specific incident will be happy to know that their patience and understanding will have a reward. Those of you who attempted to make a purchase and were erroneously blocked for "fraud" will find that the purchase price will be credited back to you, and the item or items that you attempted to purchase will be given to you with our compliments. -- Gaile 01:12, 3 November 2009 (UTC)
Update: 4 November 2009
Unfortunately, I'm not able to review individual tickets yet. I have sent for an update on the expected turn-around time on this issue and will post as soon as I know more. At this point, please hold tight and don't post a follow-up here (or via fan forum PMs or emails to me) until I find out when folks should expect to hear back from the team. Thank you. -- Gaile 20:23, 4 November 2009 (UTC)
Update: 4 November 2009 (Part 2)
I spoke with the lead of the Billing Team, and he told me that they are making progress on the account restorations, but it will take more time to get everyone back into the game. Team members are working overtime this evening, and the hope is that they will have everyone who wrote on Sunday, Monday, and Tuesday cleared up by tonight (US time). They still have an expanded number of people working on this matter, so we hope to get new reports turned around very quickly now.
Please do not make a phone call if you have already submitted a ticket. Please do not submit a duplicate ticket. Please do know that you are in the system, and you will be helped as quickly as possible. Here is one of Gaile's Lame Analogies (tm): Mom's cooking dinner, making good progress. But the kids keep calling her into their room to ask "Is dinner ready yet?" Every time they do that, cooking stops, and the dinner is further delayed. (See I told you it was lame.) The point is, a phone call will not move you up in the queue, but it will take team members away from the ticket they are dealing with -- maybe yours! -- and that's not going to help anyone. So please, contact support once, and let them do their work.
I will post another update as I have more information. If a few of you end up not getting sorted after I've been told we have an "All Clear," you can count on me helping with those individual cases. (But not just yet, please.) Thanks again for your patience. -- Gaile 03:36, 5 November 2009 (UTC)
http://wiki.guildwars.com/wiki/Feedb...ks:_1_Nov_2009

Nov 12, 2009, 09:22 AM | #4 | Administrator
Quote:
Originally Posted by Gaile Gray
I have a thought to share. The most reasonable conclusion that we have been able to draw, so far, is that the hackers are getting account credentials external to Guild Wars and external to the NCsoft Master Account. They are then hacking their victims by using the actual credentials, as if they owned the account. Most victims have used those credentials elsewhere. Maybe their game account and their email share credentials; maybe they use the same in the game and in a fan forum. Some of the largest forum software programs (the ones whose names you know) and some of the major social networking sites have very grave security issues. It clearly is possible for a hacker to acquire a list of where you're active and what passwords you are using. And that ties in with what I see in researching hacks. The hacker may try three or four passwords, but he's gotten those passwords somewhere, he's not guessing. (Velocity systems will slow this down, but they will not prevent access when someone has legitimate passwords.)
I want to emphasize that we're looking at every level of our systems -- both Guild Wars/ArenaNet and NCsoft -- but we're not finding any sort of weakness. I've talked to a lot of hacking victims and I have the stats, but I won't go all formal on you. Let's just say that a significant number of victims (the vast majority) confess that they were using a weak password. Many say they use the same password everywhere or use it in places where hackers naturally would look, like the game and a fan forum. Others can't be sure exactly where they may have used the same credentials, but admit it is possible that they did. Our Security Operations Team feels that it is this shared credentials situation that is allowing the hacks to happen.
So the best advice I can give you is as follows:
- Do not use your Guild Wars user name anywhere else.
- Do not use your Guild Wars password on any other site, in any other game, or anywhere else.
- Do not post in a way that reveals your user name (such as for trades).
- Consider not posting with your in-game characters' names. If someone is targeting you, it's harder to find you if you have a unique forum name and a unique set of character names that are not known on the very site from which someone may be getting your personal credentials.
- And of course, don't download programs, do run frequent virus/trojan checks, do keep your virus protection up to date, etc., as I outlined on the Account Security Page.
I cannot guarantee you that taking these precautions will protect your account. But I can tell you that not following these practices could put you at risk. And honestly, I don't see how there is anything we (ArenaNet) or our publisher (NCsoft) can do to enhance security when someone acquires your credentials externally and uses them to get into your account. -- Gaile 02:21, 8 November 2009
Quote:
Originally Posted by Gaile Gray
I knew, as I typed the above, that someone would ask about changing a user name once tied to an NCsoft Master Account. It only took minutes for that question to arise. And I know that this is something that we need to make changes to allow. In all honesty, I have been working for nearly 5 years to get this change made, but there are reasons why it hasn't happened, mostly related to the fact that multiple teams need to be involved, the change is not a trivial one, and naturally great care must be taken to ensure that security remains high.
However, in light of the recent increase in account thefts, I've taken the opportunity to bring this up yet again. (As I wrote that email, I could almost hear a few folks sighing, at my persistence.) I will ask about this again next week, for I have a meeting with some folks who may be able to shed a bit of light on when we can make it possible to change a Guild Wars game user name for an account that is tied to an NCsoft Master Account (formerly called a PlayNC Account). If I get info, I'll share it. If I don't get info, count on me to continue to try to get it. -- Gaile 02:46, 8 November 2009 (UTC)
Quote:
Originally Posted by Gaile Gray
Dozens of people and companies have your email address. But unless you use a weak password, none of those entities can steal your account. While I think we need to allow the changing of the user name, that is not the be-all and end-all for this situation, for appropriate personal security and a complex password are the key. -- Gaile 07:08, 8 November 2009 (UTC)
http://wiki.guildwars.com/wiki/User_..._091107-001118
Quote:
Originally Posted by Gaile Gray
I will be happy to explain. If an external site is insecure, and someone manages to obtain account credentials, having one's name as a "Top Trader" or "the person who has a gazillion ectos to trade" can provide an impetus for a hacker to focus on accessing that particular account. And a lot of times, one's character name may be Fred the Warrior and their account email address may be fredthewarrior@someemailprovider.com.
One of our security agents was able to find every one of a sample list of hacked accounts that I sent him with a simple Google search. I don't mean he acquired their credentials but he did learn where they were active, and knowing one point of data can lead to others.
So the suggestion about keeping one's character names a bit on the private side is intended as an idea about achieving, perhaps, an extra means of security. It may be overdoing the matter; that's up to you to decide. After all, the suggestion about character names does not form the main thrust of my advice, which concerns using unique user names and unique passwords. -- Gaile 04:28, 12 November 2009 (UTC)
http://wiki.guildwars.com/wiki/User_..._091107-000974
Quote:
Originally Posted by Gaile Gray
We learned today that one of the trading sites associated with Guild Wars may have experienced a security breach and its account database (including user names and passwords) may be in the hands of hackers. So far we have identified more than 20 Guild Wars accounts that appear to have been accessed by unauthorized individuals who may have been involved in the fansite's database breach.
Our security recommendations have never been more timely, particularly those that suggest that you always use a unique password for every single account that you own.
We have closed the game accounts of those involved in the account thefts. We will be watchful for further episodes. And we will be contacting the fansite owner to continue gathering information related to this incident. -- Gaile 21:48, 9 November 2009 (UTC)
http://wiki.guildwars.com/wiki/User_...ecurity_Breach

Nov 13, 2009, 04:42 PM | #5 | Administrator
Quote:
Originally Posted by Gaile Gray
I am concerned that you've blamed the unauthorized access to your account on NCsoft or ArenaNet. That simply is not an appropriate thing to say. Google posts do not necessarily equal fact, although if you wish you can email me the links and I'll be happy to review them. NCsoft has historically been very open about security issues in the past and I believe that NCsoft and ArenaNet would be forthright about any internal vulnerabilities if they were discovered today.
We are reviewing security at every level. We have identified a potential breach via one fansite; we've been told that many others may be at risk. In your personal situation, you may believe (or know) that those vulnerabilities don't relate to your account theft. But since we are still looking into this, it's too early to lay blame anywhere other than with the known issues, and it's highly inappropriate to draw any conclusions, including one that leads you to believe that ArenaNet or NCsoft is responsible for your account's loss.
I sympathize for the loss of your items, I truly do. But I think everyone should be responsible and appropriately accurate about statements of blame. An internal vulnerability has been disproved on every level of investigation we've conducted thus far. -- Gaile 21:14, 13 November 2009 (UTC)
http://wiki.guildwars.com/wiki/Feedb...31.5D.E2.80.8F
Quote:
Originally Posted by Gaile Gray
My professionalism prevents me from using expressions like "Are you nuts?" But I'm going to slip that in there just as a little nudge. Are you suggesting that the company would somehow allow RMTs to flourish because we'd sell more games when they replace closed accounts? Think about it! NCsoft is a multi-billion-dollar company. Would they risk their global reputation to sell a few games? A thousand games? A million games? NCsoft is in this industry for the long haul, and reputation is critical!
You should know this important fact: RMTs seldom buy games. They steal them. They steal them from people who buy their gold or items. They steal them by injecting Trojans onto game or forum accounts and keylogging the passwords. They steal them through social engineering. They steal them through hacking fan forum databases, finding people with shared credentials, and taking over the account. For every new account an RMT buys -- if they buy any at all -- we're looking at the costs of assisting dozens if not hundreds of their victims. There's a seriously horrible cost/benefit ratio to selling an account and having to resolve 20 support claims (each of which is probably more costly than the profit from a game sale).
We spend thousands of dollars a day taking action on all sorts of accounts, from cheaters to harassers to RMTs. We are highly incented to keep the RMTs out of the game, and we put our dollars where our philosophy is by paying for staff to remove them. And we remove them not because we want them to buy a new game, but because their activities have a harmful effect on legitimate players. If our diligence drives some away from Guild Wars -- and it has in the past -- we help support the game economy and we reduce the security risks of RMTs trying every means under the sun to steal your account. -- Gaile 21:29, 13 November 2009 (UTC)
http://wiki.guildwars.com/wiki/Feedb... InGame_Store
All times are GMT -6.