Account Hackings - The Source

Smarty

Krytan Explorer

Join Date: Mar 2008

England

Me/

Quote:
Originally Posted by J I L T View Post
the only NCSoft reply I've seen was the one from Tamat compared to all the posts from players who really don't know full scope of the situation
The OP of that thread talked about logging in to someone else's NCsoft master account by accident and being able to change their game passwords and see their personal information. Tamat replied about the known issue of logging in to NCsoft's own Aion forum and winding up on someone else's forum account and seeing their character info. The two are completely different and Tamat is an idiot for misreading the OP and dismissing the issue and leading other NCsoft employees to believe that nothing important was being said.

Quote:
Plus I can't help but think that the hacking wouldn't be anywhere near as severe if players hadn't made forum topics exposing the flaws to the public.
Errr people were being hacked left right and centre long before any forum threads were made exposing the possible ways of being hacked. If anything, there's less people posting about being hacked since the details were released than there were before - probably because all the exposure got people changing what information they could in an attempt to safeguard their accounts from the non-NCsoft-master-account-hack route(s) that account for the half of the hacks that Regina and Gaile keep talking about.

Bob Slydell

Forge Runner

Join Date: Jan 2007

Quote:
Originally Posted by flubber View Post
If I were to compromise security, I would harvest information for use at a later date. sure, -most- of the info might be useless (at a later date), most being the key word here. that, or compile it and sell it to the people who are dumb enough to actually use it..
Yup, most... but not ALL. I think a lot of the hacks before weren't right away, I'm sure the hackers probably waited a little while or spread them out from an earlier security breach as to not bring attention to themselves hacking masses of hundreds of accounts at a time.

AnClar

Elite Guru

Join Date: Sep 2005

Texas USA

Sanitas In Absentia [SiA]

R/

Quote:
Originally Posted by Rhododendron View Post
You guys really sound hysteric. Its the beginning of the new year. So what if they will mess up your accounts and the xunlai booty? Take a break. The more time you invested in the game and stayed in front of the pc screen, the more you could need it.
Hysterical (learn English please).....I don't think so. The worry, concern, frustration, and anger that is being expressed in this thread is perfectly reasonable, given the implications for the compromising of personal information security, and account security. Maybe you don't care how your information is handled, but a lot of us do. As for me, I want to know that a company that I've decided to entrust my information to is taking reasonable and prudent care of it. As of now, I have serious concerns that NCSoft is not doing that.

And, just by the way, I noticed that Regina used a similar word in her post. I respect ANet staff personally, and I think they are trying to do the right thing within the constraints of being an NCSoft subsidiary. But I would say the same thing to you Regina. I don't think this is hysteria. Unless you can definitively show us that our information housed on NCSoft servers is safe, you're wrong to label the reactions by posters in this thread as hysteria.

Turbo Ginsu

I despise facebook

Join Date: Feb 2008

Australia

Meeting of the Lost Minds

Me/

Quote:
Originally Posted by Rhododendron View Post
You guys really sound hysteric. Its the beginning of the new year. So what if there is not even the slightest hint of decent security for your accounts? Take a break. The more time you invested in the game and stayed in front of the pc screen, the more you could need it. And taking a long break will also give the account stealers the time they need to clean you out properly without having to worry about being interrupted while they're working.
There u go. I fixed it for you. If you're going to troll, please do it somewhere where people don't have a legitimate concern about the security of their Real money/time investment.

GG.

AnClar

Elite Guru

Join Date: Sep 2005

Texas USA

Sanitas In Absentia [SiA]

R/

Quote:
Originally Posted by Turbo Ginsu View Post
There u go. I fixed it for you. If you're going to troll, please do it somewhere where people don't have a legitimate concern about the security of their Real money/time investment.

GG.
LOL Thanks....I forget to not feed the trolls sometimes.

karlik

Banned

Join Date: Sep 2009

Quote:
Originally Posted by Cacheelma View Post
You're basically telling us all that both Anet and NCSoft are just a bunch of rookies who have to rely on their own CUSTOMERS to investigate AND point out all sort of flaws in things, from marketing "don'ts", community management, BUGS, Security issues, and everything?

How reassuring. Can't believe I was foolish enough to shell out my money so many times in the past for such company.
It's not exactly that Anet/NCSoft don't know what's going on, it's more that they won't admit it. There is constant denial in any business out there.

When was the last time you heard a fast food joint say "yeah, we didn't cook the burgers long enough - it's our fault people got sick"?

It's not that they don't know what's going on and need us to tell 'em - it's that they don't want us to know, and we need to tell 'em we do.

I was one of the first to respond to the "character name" update, and I believe my comment was to the effect of it was like putting a "band aid on a severed artery".

Miscreant_Moon

Ascalonian Squire

Join Date: Jul 2009

Somewhere in Ascalon

Me/E

Quote:
Originally Posted by Regina Buenaobra View Post
First of all, we have escalated this up to the NCsoft Security team, and they will investigate the issue.

There have been ongoing investigations on the hacking incidents for some time, and according to the data gathered, none of them appear to be directly or exclusively related to NCsoft Master Accounts. Some hacking victims have NCsoft Master Accounts, some don't. Data was recently reviewed, and about half are not NCsoft Master Account holders. Therefore the hysteria surrounding the idea that all hacks are coming through the NCsoft Master Account doesn't seem to be valid. However, this doesn't necessarily rule out that some hacks are coming through NCsoft Master Accounts. The information about this particular exploit is new to us, and we don't know what will happen as more people, due to this thread, learn about it and even try it. We're not brushing things under the rug, nor denying that there might be a problem. The Support team has not previously notified us of this issue as detailed in the OP. The first we have heard of this information, as detailed in this thread's original post, was brought to our (ArenaNet's) attention just recently (yesterday, according to Gaile), so it's incorrect to suggest that we've been covering it up for months. Please be assured that we are taking the concerns in this thread seriously, following up with NCsoft Security, and actively raising the issue with the Security team.

Thank you.
This is just deja vu of what we have continually seen from ArenaNet over the past few months. If you have all this data let us know. Surely you can't convince us that knowing how many accounts have been affected is going to hurt anything other than your PR. Are you stating that this is what is most important then? Screw the players, screw the years of work that have been lost. ArenaNet just doesn't want to let us know what's going on. Which makes us all the more suspicious.

So tell us then. How many accounts have been affected? How was Linsey's account, one of the Live Team devs that you guys have neither confirmed nor denied, accessed and hacked into? Surely that's a data point that is going to be pretty solid evidence as to what happened with some of the other accounts and you've researched that thoroughly. Tell us how many people have been banned for this. Tell us how Aion and Guild Wars seem to both be mysteriously hit by the same type of NCSoft master account password resets at the same time. What connection is there between Aion and Guild Wars but the NCSoft master account? Instead of sitting there high and mighty in your lofty chairs, tell the players what you've found out. Simply stating that you haven't found a connection is no longer good enough. Simply stating the same thing over and over again about 1/2 the accounts not having an NCSoft master account is known. Simply telling us to change our passwords is known. Tell us what you have found with all this data you have.

Trx

Lion's Arch Merchant

Join Date: Feb 2007

Netherlands

E/

This was just posted on Gaile's Support Issues Page

Quote:
Update: January 1, 2010 (7:15 PM Pacific)
ArenaNet and NCsoft staff members have been discussing the issues pointed out by players in various forum threads. We absolutely do take these concerns seriously, and measures are being and will continue to be taken to address the concerns on several levels. A change in one of the NCMA processes is being made even as I write, and I think you will all agree that this change will help tremendously in enforcing a high level of account security. I just want to say I'm very grateful to the people who have been involved. They are working on a holiday, some of them away from home, and they've just been splendid in getting into this, to listening, to looking at what they can do to help -- to taking on board the whole matter and making definite improvements in very short order.

Research continues and additional changes may be put in place. But if you try to change your password on the NCsoft site, you will notice a change, I'm sure, that will enhance account security now and in the future. -- Gaile 03:15, 2 January 2010 (UTC)

chimx

Pre-Searing Cadet

Join Date: Sep 2009

Boston

[PAX]

Mo/

The thing that bothers me the most is that these hacker reports started coming in in the beginning of Novemberish, and it amazes me that in two months time it took a member of the community to figure out at least partially what is going on. Bloody brilliant?

Giga_Gaia

Lion's Arch Merchant

Join Date: Sep 2006

Travelling around Tyria, Cantha, and Elona

P/W

The thing is, though, that from our end only Gaile has been actively involved with fixing this problem. Since she can't do anything about the security loopholes on NCSoft's end, all we can do is sit back and watch the drama unfold. Very nerve wracking I agree, but Rhododendron is right. Still I agree with what many are saying. If/When my account does get hacked, I'll be sure to go back to WoW (and I don't even like WoW) and tell all my friends to not bother with another NCSoft product ever again. How sad.

Enko

Forge Runner

Join Date: Jun 2006

VA

Mo/

Quote:
Originally Posted by Trx View Post
This was just posted on Gaile's Support Issues Page
really? I haven't seen any changes at all beyond the requirement for us to put a character name in when we log in now. There have been plenty of security holes that have been pointed out that any web programmer should be able to fix. Hopefully whatever change they're discussing comes out soon.

As numerous people have said, even requiring the old password to change the password would stop the majority of this for now until NCSoft can fix the real issue.

Trx

Lion's Arch Merchant

Join Date: Feb 2007

Netherlands

E/

Quote:
Originally Posted by Enko View Post
really? I haven't seen any changes at all beyond the requirement for us to put a character name in when we log in now. There have been plenty of security holes that have been pointed out that any web programmer should be able to fix. Hopefully whatever change they're discussing comes out soon.

As numerous people have said, even requiring the old password to change the password would stop the majority of this for now until NCSoft can fix the real issue.
Just checked on NCSoft, you now have to put in the current password first. About time, no idea why this wasn't there in the first place.

Edit :

Quote:
The thing is, though, that from our end only Gaile has been actively involved with fixing this problem.
Somebody was hating on her earlier in the thread but she's probably the main reason they've done anything at all, I'm glad she's still around lol.

kokuou

Academy Page

Join Date: Nov 2007

N/Me

Your current password is now required to change your GW password when trying to change it via the NCSoft Game Account site.

Miscreant_Moon

Ascalonian Squire

Join Date: Jul 2009

Somewhere in Ascalon

Me/E

Quote:
Originally Posted by kokuou View Post
Your current password is now required to change your GW password when trying to change it via the NCSoft Game Account site.
Almost there and yet not quite. Current password is still not needed to change the NCSoft Master Account.

The Last Battle

Ascalonian Squire

Join Date: Nov 2009

FTS

A/E

New Year's resolution: be more judgmental in companies I share personal info with.

Giga_Gaia

Lion's Arch Merchant

Join Date: Sep 2006

Travelling around Tyria, Cantha, and Elona

P/W

The old PW to new PW should have been a no-brainer. Any self-respecting IT should have implemented it in the first place. It really makes you wonder what kind of monkeys they have working there at NCSoft...

Enko

Forge Runner

Join Date: Jun 2006

VA

Mo/

Quote:
Originally Posted by Trx View Post
Just checked on NCSoft, you now have to put in the current password first. About time, no idea why this wasn't there in the first place.
must have just added this in the past few hours then. wasn't like that when i checked earlier.

good to know that it only took the method getting posted to a major forum for them to finally do something.

from what i know of programming, adding in the requirement to input the old password when changing the new password, doesn't take that long to add . ..

Quote:
Originally Posted by Miscreant_Moon View Post
Almost there and yet not quite. Current password is still not needed to change the NCSoft Master Account.
working for me. just tried it out.

Miscreant_Moon

Ascalonian Squire

Join Date: Jul 2009

Somewhere in Ascalon

Me/E

Your Guild Wars account yes Enko. Your NCSoft master account password you still don't need to type in your current password.

Chthon

Grotto Attendant

Join Date: Apr 2007

1. At this point the only responsible thing NCSoft can do is SHUT OFF THEIR WEBSITE ASAP and keep it down until it is completely fixed.

2.
Quote:
Originally Posted by Regina Buenaobra View Post
First of all, we have escalated this up to the NCsoft Security team, and they will investigate the issue.
I have no confidence in them. This is the same security team that has continued to insist there's nothing wrong in the face of direct evidence to the contrary.

Quote:
Therefore the hysteria surrounding the idea that all hacks are coming through the NCsoft Master Account doesn't seem to be valid.
There is no hysteria that "all hacks are coming through the NCsoft Master Account." There is and always will be a certain baseline of morons who get their accounts stolen through phishing, social engineering, keylogging, etc. There is a concern, and a (justified) anger, that all the hacks of accounts belonging to people who have practiced good security on their part and done nothing wrong are coming through the NCSoft master account.

Quote:
The first we have heard of this information, as detailed in this thread's original post, was brought to our (ArenaNet's) attention just recently (yesterday, according to Gaile), so it's incorrect to suggest that we've been covering it up for months.
You haven't. NCSoft has. The Aion community says they've been reporting this issue since Oct. We've been reporting the vulnerabilities that make brute forcing trivially easy for at least a month and nothing's been done about them either. NCSoft has buried their heads in the sand here -- no two ways about it.

Since it appears that somehow information on the vulnerabilities on the NCSoft site are not filtering up the way they should be, I'm going to take the time to condense them all into 1 post.

List of Known Vulnerabilities with the NCSoft Site:
  • 1. Wrong Account Bug. Sometimes simply logging into the NCSoft site takes you to someone else's account instead, with FULL CONTROL over that account. An attacker need only use a bot to log into their own account over and over until the bug occurs, then steal the account the bug gives them.
  • 2. Advanced Vulnerabilities Reported by Mung on Aion Forums
    • "SQL injection is apparently NOT prevented very well. [Mung] was able to send a basic acknowledge request and instead of "page not found" or "incorrect login" [Mung] received an SQL ack!"
    • "The ENTIRE web domain is unprotected from file mirroring (process of copying all files housed at the web host)." Chthon's note: HOLY SHIT! That's very bad....
    • "[T]he majority of the process functions for each page under the "secure.ncsoft.com" domain are scripted in PERL but referencing Javascript multiple times for all sorts of verifying processes. This can easily be manipulated to a user's intention."
  • 3. Brute Force Vulnerabilities
    • Login failure gives different error message for real usernames and non-usernames. An attacker can generate a list of valid usernames by systematically running all character strings against the NCSoft site's username field.
    • Security questions for password reset have dangerously small search spaces that can be guessed quickly. The birthday question (which is the default!) is particularly easy. So is the car color question.
    • Failed attempt at answering security questions that includes one correctly guessed question returns error message that tells user which question is correct. This vastly reduces search time for a brute force attack.
    • Password reset attempts are allowed too frequently. 5 attempts every 12 hours is too many given the small search spaces.
    • IP's attempting multiple failed logins or password reset attempts are not blocked, blacklisted, or greylisted.
    • Attacker can specify new NCSoft password immediately upon correctly guessing password reset questions. The system should create a random password sent in a confirmation e-mail to the account's associated address.
    • The GW username is displayed from the NCSoft site. It should not be. This gives an attacker 1/3 of the GW login credentials.
    • Attacker can specify new GW password immediately upon accessing the NCSite. User should be required to enter old password and/or respond to confirmation e-mail to the account's associated address. [Edit: Apparently this was fixed a few hours ago. Old password is now required.]
    • No countermeasures at all against brute forcing NCSoft password. (Gaile states that she has been told there are, but forum members making repeated failed login attempts did not encounter lockout, blacklisting, or increasing delay. Suspect Gaile has been misinformed by NCSoft staff.)
  • 4. GW character names are present in old support tickets. This renders the new character name security question useless.

[edit: fixed a couple typos, mistakes]
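
Several of the fixes proposed in the list above (one error message for real and unknown usernames, a growing lockout per username and per IP, the current password required for any change, and a reset that goes through the account's e-mail address) fit together as in the following Python sketch. It is an added illustration, not NCSoft's code and not part of the original post; every class, function, limit and the in-memory store are assumptions, and a mailed single-use token stands in for the mailed random password the post suggests.

```python
import hashlib
import hmac
import os
import secrets

# All names and limits below are assumptions made for this illustration.
GENERIC_LOGIN_ERROR = "Invalid username or password."
GENERIC_RESET_REPLY = "If that account exists, a reset link was e-mailed to it."
MAX_FAILURES = 5         # consecutive failures before a key is locked
BASE_LOCK_SECONDS = 60   # lock length, doubled by each further failure
TOKEN_TTL_SECONDS = 900  # reset tokens expire after 15 minutes


def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Throttle:
    """Counts failures per key (username or IP) and applies a growing lock."""

    def __init__(self):
        self.failures = {}      # key -> consecutive failures
        self.locked_until = {}  # key -> time the lock ends

    def blocked(self, key, now):
        return now < self.locked_until.get(key, 0)

    def fail(self, key, now):
        n = self.failures[key] = self.failures.get(key, 0) + 1
        if n >= MAX_FAILURES:
            self.locked_until[key] = now + BASE_LOCK_SECONDS * 2 ** (n - MAX_FAILURES)

    def reset(self, key):
        self.failures.pop(key, None)
        self.locked_until.pop(key, None)


class AccountService:
    def __init__(self):
        self.users = {}   # username -> {"salt", "hash", "email"}
        self.tokens = {}  # sha256(token) -> (username, expiry)
        self.outbox = []  # (email, token) pairs; stands in for a mail gateway
        self.throttle = Throttle()
        self._dummy_salt = os.urandom(16)
        self._dummy_hash = _hash(secrets.token_hex(16), self._dummy_salt)

    def register(self, username, password, email):
        salt = os.urandom(16)
        self.users[username] = {"salt": salt, "hash": _hash(password, salt), "email": email}

    def _check(self, username, password):
        # Unknown users are hashed against a dummy record, so the work done
        # (and the response time) does not reveal whether the name exists.
        user = self.users.get(username)
        salt = user["salt"] if user else self._dummy_salt
        expected = user["hash"] if user else self._dummy_hash
        ok = hmac.compare_digest(_hash(password, salt), expected)
        return ok and user is not None

    def login(self, username, password, ip, now):
        keys = ("user:" + username, "ip:" + ip)
        if any(self.throttle.blocked(k, now) for k in keys):
            return False, GENERIC_LOGIN_ERROR
        if self._check(username, password):
            # Only the username counter is cleared: clearing the IP counter
            # would let one valid login wipe the record of guessing elsewhere.
            self.throttle.reset(keys[0])
            return True, "OK"
        for k in keys:
            self.throttle.fail(k, now)
        return False, GENERIC_LOGIN_ERROR

    def change_password(self, username, current, new_password, ip, now):
        # A logged-in session is not enough: the current password is re-checked
        # and wrong guesses count against the same throttle as logins.
        ok, _ = self.login(username, current, ip, now)
        if not ok:
            return False
        self.register(username, new_password, self.users[username]["email"])
        return True

    def request_reset(self, username, now):
        # The caller never chooses the new password here and always gets the
        # same reply; the token goes only to the address already on file.
        user = self.users.get(username)
        if user:
            token = secrets.token_urlsafe(32)
            digest = hashlib.sha256(token.encode()).hexdigest()
            self.tokens[digest] = (username, now + TOKEN_TTL_SECONDS)
            self.outbox.append((user["email"], token))
        return GENERIC_RESET_REPLY

    def complete_reset(self, token, new_password, now):
        digest = hashlib.sha256(token.encode()).hexdigest()
        username, expiry = self.tokens.pop(digest, (None, 0))  # single use
        if username is None or now > expiry:
            return False
        self.register(username, new_password, self.users[username]["email"])
        self.throttle.reset("user:" + username)
        return True
```

Time is passed in as `now` so the lockout and expiry logic can be exercised without waiting; a real service would read a clock and keep the counters in shared storage.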

Tullzinski

Jungle Guide

Join Date: Mar 2006

Trying to stay out of Ryuk's Death Note

N/R

Quote:
Originally Posted by Enko View Post
must have just added this in the past few hours then. wasn't like that when i checked earlier.

good to know that it only took the method getting posted to a major forum for them to finally do something.

from what i know of programming, adding in the requirement to input the old password when changing the new password, doesn't take that long to add . ..



working for me. just tried it out.
You called that one.

Went in and changed all my personal info to boot.

Deviant Angel

Krytan Explorer

Join Date: Apr 2006

On a boat!

Homeless.

Mo/

Um... I've always had to provide my current/old password before I could make a new one. That applies to the game client and the website.

Why is this being seen as a new feature for some of you?

Edit: I could have sworn that I had to in the past on the NCSoft website. Now it appears that I don't? WTF? To make things even more interesting, I had never set up the password hint question thingies in the past... so they are sitting there waiting for a hacker to come along and set them for me.

Tullzinski

Jungle Guide

Join Date: Mar 2006

Trying to stay out of Ryuk's Death Note

N/R

Quote:
Originally Posted by Deviant Angel View Post
Um... I've always had to provide my current/old password before I could make a new one. That applies to the game client and the website.

Why is this being seen as a new feature for some of you?

Edit: I could have sworn that I had to in the past on the NCSoft website. Now it appears that I don't? WTF? To make things even more interesting, I had never set up the password hint question thingies in the past... so they are sitting there waiting for a hacker to come along and set them for me.
It was NOT a requirement on the NCsoft Master account site. It is as of today...to change your guild wars password...

Miscreant_Moon

Ascalonian Squire

Join Date: Jul 2009

Somewhere in Ascalon

Me/E

Gaile Gray on the wiki:

ArenaNet and NCsoft staff members have been discussing the possible security issues pointed out by players in various forum threads. We absolutely do take these concerns seriously, and measures are being and will continue to be taken to address the concerns on several levels. A change in one of the NCMA processes is being made even as I write, and I think you will all agree that this change will help tremendously in enforcing a high level of account security. I just want to say I'm very grateful to the people who have been involved. They are working on a holiday, some of them away from home, and they've just been splendid in getting into this, to listening, to looking at what they can do to help -- to taking the whole matter on board and making definite improvements in very short order.
Research continues and additional changes may be put in place. But if you try to change your password on the NCsoft site, you will notice a change, I'm sure, that will enhance account security now and in the future. -- Gaile 03:15, 2 January 2010 (UTC)

Enko

Forge Runner

Join Date: Jun 2006

VA

Mo/

heh on my post on mmorpg.com, 3 posters are saying "anet told us to change our password in the log in announcements so they must obviously be doing something to combat it".

here's one of their quotes:
Quote:
Originally Posted by Abrahmm on mmorpg.com

Last time I logged into Guild Wars there was in big, bright red text a warning about rampant account hacking, and they made me not only give my password but answer an additional security question. Explain to me how they "aren't admitting it" and "Aren't doing anything to combat it" again?

Jensy

Site Contributor

Join Date: Apr 2007

Phoenix, Arizona

Blinkie Ponie Armie [bpa]

N/Mo

That is a step in the right direction. Thanks to whomever has been working on this. What a freaking mess, man.

AnClar

Elite Guru

Join Date: Sep 2005

Texas USA

Sanitas In Absentia [SiA]

R/

Quote:
Originally Posted by Miscreant_Moon View Post
Your Guild Wars account yes Enko. Your NCSoft master account password you still don't need to type in your current password.
According to what Gaile has up on her support page, (and I haven't tried this yet but I will shortly) NCSoft security claims that in order to change the NCMA p/w, you are asked a series of security questions first. So while you don't have to input your old p/w, you still have a layer of security to go through before you can change your NCMA p/w.

shoyon456

Desert Nomad

Join Date: Jul 2006

D/

Nice response Anet/Gaile/Regina/NCSoft, especially on a holiday. Squeaky wheel gets the grease.

PuppyEater

Frost Gate Guardian

Join Date: Nov 2005

I'm on the left...

Guilds? Where we're going we don't need guilds...

R/Rt

Good to see ye olde Tombstone Policy in full force. I'm just surprised it didn't take someone losing their entire real life identity to get anything even addressed. (Although, to be honest, someone experiencing identity theft would force them to do something but I really don't think it would be worth it...)

Cacheelma

Desert Nomad

Join Date: Jun 2005

The Ascalon Union

Me/Mo

Quote:
Originally Posted by karlik View Post
It's not exactly that Anet/NCSoft don't know what's going on, it's more that they won't admit it. There is constant denial in any business out there.

When was the last time you heard a fast food joint say "yeah, we didn't cook the burgers long enough - it's our fault people got sick"?

It's not that they don't know what's going on and need us to tell 'em - it's that they don't want us to know, and we need to tell 'em we do.

I was one of the first to respond to the "character name" update, and I believe my comment was to the effect of it was like putting a "band aid on a severed artery".
I knew Regnobra lies. I just want to call her out on what she said.

MMSDome

Raged Out

Join Date: Sep 2005

I actually lold when I read about this on TeamQQ seeing as my account was hacked as well.

So much for them blaming the community for having bad passwords.

REFUNDS!

Deviant Angel

Krytan Explorer

Join Date: Apr 2006

On a boat!

Homeless.

Mo/

Quote:
Originally Posted by Tullzinski View Post
It was NOT a requirement on the NCsoft Master account site. It is as of today...to change your guild wars password...
I've never tried to change my plaync account password in the past, so that's why I didn't notice that little security disaster waiting to happen.

Inner Salbat

Lion's Arch Merchant

Join Date: Oct 2005

Leader - ANZAC

E/

Read this and obey it

Do not fill in those extra security questions with anything valid, like what colour is your car, if you say "Blue" you're an idiot and you deserve all your stuff being hacked off your account because you're a class total idiot, in fact don't even bother to wait for the hacker just trade all your stuff to me

what you should be putting in those boxes is;

X2xA3!#5!uBqZx7{2^yY

And write it down on some paper somewhere.

obastable

Krytan Explorer

Join Date: Nov 2005

Mo/

Quote:
Originally Posted by MMSDome View Post

So much for them blaming the community for having bad passwords.

REFUNDS!

Not entirely true, though it is the standard response given to hacked account incidents. Press, be polite, and be patient ... and you will eventually get a better answer.

Sierraa

Supastar~ ???

Join Date: May 2006

USA [GMT -7]

Sierraas Asian Harem [love]

Me/

Quote:
Originally Posted by Erys Vasburg View Post
However, if you want a Guru moderator's confirmation, you have it here:
xxteacakez = me, while I'm only a ventari/nolani mod I can truthfully say that my NCsoft account doesn't start with a "k" and I had full control over the account that I was logged in.

Regina Buenaobra

ArenaNet

Join Date: Apr 2008

Me/

ArenaNet has been discussing the issues pointed out by players in this and other forum threads on the issue with NCsoft. Again, we take these concerns very seriously, and we're currently taking measures to address them on several levels, and we will continue to do so.

There is a change in one of the NCsoft Master Account processes that is being enacted, and we believe this change will help quite a lot in enforcing account security, and we're very grateful to the folks involved who've worked today to get those measures in place, on a holiday, and many of them away from home. They've taken our escalation of this issue very seriously, are listening, and are doing what they can do to proactively help, and to take your concerns on board and make improvements in very short order.

The security team continues to research and additional changes might be put in place. If you try to change your password on the NCsoft web site now, you will notice one of these changes: you will be required to input the old password to change it to a new one.

I would like to reiterate one point again, because people continue to ignore this fact: The account hacks are not likely related to the NCsoft Master Account security concerns. Roughly half of the hacked accounts do NOT have an NCsoft Master Account, and very few account thefts involved a password change at all. The hacker(s) knew the account credentials, and they did not access the hacked accounts through NCsoft Master Accounts. The hackers had a list of passwords, which they used to steal accounts.

Again, our NCsoft Security team is continuing to investigate this issue, and there might be additional changes forthcoming.

DragonRogue

Lion's Arch Merchant

Join Date: May 2007

Seattle, WA USA

Demon Dawg Knights

E/Me

Forgive me if I sound a bit dumb with this question... but I've never had to buy anything from the NCsoft store, I just use the login screen link for the few extra toon slots I wanted, so never needed my NCsoft account name or PW... So why is it impossible to just change the PW on the same login screen without having to go through their website? Seems that it would be easier and only Anet would know what's going on. After all, I'm logging into GW and using my GW PW on a GW game screen... not an NCsoft screen.

Professor K

Frost Gate Guardian

Join Date: Jan 2009

Mo/A

I applaud ArenaNet for trying their best to keep us safe, but it's all for naught if NCsoft can't get their shit in order.

obastable

Krytan Explorer

Join Date: Nov 2005

Mo/

Quote:
Originally Posted by Regina Buenaobra View Post
The account hacks are not likely related to the NCsoft Master Account security concerns. Roughly half of the hacked accounts do NOT have an NCsoft Master Account, and very few account thefts involved a password change at all. The hacker(s) knew the account credentials, and they did not access the hacked accounts through NCsoft Master Accounts. The hackers had a list of passwords, which they used to steal accounts.
I'm sorry, but ... "not likely related to the NCsoft Master Account security concerns."?

"Not likely" doesn't cut it, Regina, especially when you're talking to the people who had their NCMA's thoroughly compromised prior to their GW passwords being reset by whomever hijacked their NCMA.

In those instances I would say it is VERY LIKELY the account hacks are directly related to the NCsoft Master Account security concerns, and are guaranteed to be a direct result of a major security failure on the part of NCsoft.

What do you say, or do, for those people who have lost their stuff because of NCsoft's failure to protect their personal information?

"Ooops! Suck it up, buttercup, because we still won't (willingly) do anything to help you!"

DragonRogue

Lion's Arch Merchant

Join Date: May 2007

Seattle, WA USA

Demon Dawg Knights

E/Me

Quote:
Originally Posted by Regina Buenaobra View Post
ArenaNet has been discussing the issues pointed out by players in this and other forum threads on the issue with NCsoft. Again, we take these concerns very seriously, and we're currently taking measures to address them on several levels, and we will continue to do so.

There is a change in one of the NCsoft Master Account processes that is being enacted, and we believe this change will help quite a lot in enforcing account security, and we're very grateful to the folks involved who've worked today to get those measures in place, on a holiday, and many of them away from home. They've taken our escalation of this issue very seriously, are listening, and are doing what they can do to proactively help, and to take your concerns on board and make improvements in very short order.

The security team continues to research and additional changes might be put in place. If you try to change your password on the NCsoft web site now, you will notice one of these changes: you will be required to input the old password to change it to a new one.

I would like to reiterate one point again, because people continue to ignore this fact: The account hacks are not likely related to the NCsoft Master Account security concerns. Roughly half of the hacked accounts do NOT have an NCsoft Master Account, and very few account thefts involved a password change at all. The hacker(s) knew the account credentials, and they did not access the hacked accounts through NCsoft Master Accounts. The hackers had a list of passwords, which they used to steal accounts.

Again, our NCsoft Security team is continuing to investigate this issue, and there might be additional changes forthcoming.
Regina and Gaile,

We know you have been putting forth much effort to solve a few problems in the past 24 hours and we thank you both for keeping the community updated pretty well that I can see.

But I am curious about something. What are you doing to the actual hackers? What steps are you taking on getting rid of them? I know from past threads that it has been stated that you can trace many things in this game. During the 117 issues it was how often people had gone to a restricted area and when and who, and also how much they gained from it. During the beginning era of GW gold buyers, many were found, and banned, from their transactions of items that had been traced. Bans on both the sellers and buyers. So that tells me that you can trace where the stolen items are going and who has them. Are any steps being taken to ban these people? I'm sure the community would feel better if perma bannings were going on. I know they did when the Bot Bannings were going on and we saw a drastic decline in Monkbots out of Arbourstone and Bergen. People want not only answers, but blood it seems and if you can't find blood for those responsible...they will settle for yours instead. Is trade to temporary accounts and buddy keys restricted? If so then if you ban real accounts, it won't be cost effective for them to keep buying an account to hack anyone.

Also, you say the hackers have a LIST OF PWs? From where have these been obtained? I personally know people who have been hacked. A few of them from the IT industry. So a few of the explanations given us aren't really working for what happened to them. That is why this is all sounding a bit odd to many of us.

Faer

La-Li-Lu-Le-Lo

Join Date: Feb 2006

Nice! Action being taken and more holes being filled. This is awesome!
Quote:
Originally Posted by Regina Buenaobra View Post
The hackers had a list of passwords, which they used to steal accounts.
Hrm. Where did they get that (and the matching list of accounts those passwords are paired with) from?