The registered email my STO account was under had gone dead and so I was unable to reset my password when Cryptic changed in two days ago. After some verification credentials, Perfect World support had gotten to me well ahead of the 3-4 business days they had projected (Scotty would be proud). I have only good things to say to Customer Support, but whoever at Cryptic made the decision to forcibly change so many people's passwords *without prior notice* did a great disservice.
Preferably they should have made a note about it and encouraged people to change their passwords soon, or at the very least say that these will be reset in X days, with a list of possible problems that could result if not doing so (such as not being able to access the email account you registered under). The situation basically went from trying to prevent something really bad (TRIBBLE account) to definitely causing something somewhat bad (inaccessible account).
It is good to be able to post on the forums again, though. Kudos to BranFlakes for his posts on what to do in the matters where we can't login to file tickets.
For CaptainKrudAlt, who seemed to have an identical problem as me, email customerservice@perfectworld.com with an explanation of the situation and at least 3 of the following to verify that you are who you say you are:
First and last name on your account
Last four digits of any credit card currently on file
Billing address, including zip or postal code
Phone number (if one is on the account)
Any 25-digit product key associated with the account
Any 25-digit game time card key associated with the account
Any Cryptic credit card transaction ID (15 digits, beginning with CRYPTIC0)
Any PayPal subscription Invoice ID (15 digits, beginning with CRYPTIC0)
The answer to your secret question, (if one is on the account)
As a matter of habit, security is utmost concern for me at all times. I may be getting easily spooked in my older age and biting before I bark in this situation.
If the breech was just recently confirmed and not a hidden secret before being quelled, then I can hold no ill will to Cryptic in how they handled it.
If thats the case, I am glad that they responded immediately, but I am still not satisfied that it took them a year and a half to figure out they had been TRIBBLE.
The registered email my STO account was under had gone dead and so I was unable to reset my password when Cryptic changed in two days ago. After some verification credentials, Perfect World support had gotten to me well ahead of the 3-4 business days they had projected (Scotty would be proud). I have only good things to say to Customer Support, but whoever at Cryptic made the decision to forcibly change so many people's passwords *without prior notice* did a great disservice.
Preferably they should have made a note about it and encouraged people to change their passwords soon, or at the very least say that these will be reset in X days, with a list of possible problems that could result if not doing so (such as not being able to access the email account you registered under). The situation basically went from trying to prevent something really bad (TRIBBLE account) to definitely causing something somewhat bad (inaccessible account).
It is good to be able to post on the forums again, though. Kudos to BranFlakes for his posts on what to do in the matters where we can't login to file tickets.
For CaptainKrudAlt, who seemed to have an identical problem as me, email customerservice@perfectworld.com with an explanation of the situation and at least 3 of the following to verify that you are who you say you are:
First and last name on your account
Last four digits of any credit card currently on file
Billing address, including zip or postal code
Phone number (if one is on the account)
Any 25-digit product key associated with the account
Any 25-digit game time card key associated with the account
Any Cryptic credit card transaction ID (15 digits, beginning with CRYPTIC0)
Any PayPal subscription Invoice ID (15 digits, beginning with CRYPTIC0)
The answer to your secret question, (if one is on the account)
FINALLY, something useful! I sent the email referencing my incident number with the above. Hopefully I'll get a quick fix on this.
I'm here to ask how long my friend Is going to have to wait to have his account restored.
Several days ago, he had this "Password reset bug", reset hit PW, then it told him his username needed to be changed as well, so he did. Now his account has NOTHING (no chars, no money and no gold status)
This is pretty bad guys.
What's the average wait time on a SERIOUS GAMEBREAKER like this? (IE - how long does it take your acct guys to do a rollback?)
I'm here to ask how long my friend Is going to have to wait to have his account restored.
Several days ago, he had this "Password reset bug", reset hit PW, then it told him his username needed to be changed as well, so he did. Now his account has NOTHING (no chars, no money and no gold status)
This is pretty bad guys.
What's the average wait time on a SERIOUS GAMEBREAKER like this? (IE - how long does it take your acct guys to do a rollback?)
Make it so Brandon ,pretty please with a cherry on top if you can do an account restore in record time for our buddy
I am not a paid Commersial Spokeperson Adverter... I finaly got the root cause of log in troubles here.
Cut paste the Mail link Cryptic PW_E STO sends into a Goggle browser then to another CHAT box this activated a hotlink.. the MS IE8 would not at first try..
I was starting to look at old PC WIN98SE back up and Quake Open GL 1.04 as alt if STO dint open a link soon..
I am impressed how I got another spamad from Cryptic about AWESOME NEW FERENGI LOCKBOXES today....but still no e-mail about security issues, or front-page news, or anything except this "sweep-it-under-the-rug" thread.
What!? I had my password changed a month ago and my account was fine when I returned to the game after a year. Nothing was stolen, no changes to my character and no e-mails sent under my name. Yet, Some one could of looked in my account with out changing it.
The security notice about my account reset went to the Spam Folder and the Latest Game Update was in my mail box. They should of add it in the same e-mail.
Those Links in the thread don't even work for me in the first post. People say the server is down and they don't work.
PWE_BranFlakes needs to update his first post! If changes to password reset has changed?
What!? I had my password changed a month ago and my account was fine when I returned to the game after a year. Nothing was stolen, no changes to my character and no e-mails sent under my name. Yet, Some one could of looked in my account with out changing it.
The security notice about my account reset went to the Spam Folder and the Latest Game Update was in my mail box. They should of add it in the same e-mail.
Those Links in the thread don't even work for me in the first post. People say the server is down and they don't work.
PWE_BranFlakes needs to update his first post! If changes to password reset has changed?
easy way to do this
step one Log out of the forums
Step two Close browser
Step Three open browser
Step four, go to log in, but use the forgotten password link follow those instructions, and look for the mail in the spam folder, it ends up there for a lot of folks
that, should fix it, the important part is step one. without doing that, it will NOT work, no exceptions
If you're a European Union citizen you can also contact the Member State information commissioner and they could contact the The Federal Trade Commission ('FTC') to make a compliant
Was this related to an email a co worker of mine recieved? Which said:
At Cryptic Studios, your privacy and security is important. As part of our ongoing efforts to monitor and enhance security, we recently detected evidence of an unauthorized access to one of our user databases. The unauthorized access occurred in December 2010, and evidence of this has just been uncovered due to increased security analysis.
The unauthorized access included user account names, handles, and encrypted passwords for those accounts. Even though the passwords were encrypted, it is apparent that the intruder has been able to crack some portion of the passwords in this database. All accounts that we believe were present in the database have had the passwords reset, and customers registered to these accounts have been notified via e-mail of this incident.
While we have no evidence that any other information was taken by the intruder, it is possible that the intruder was able to access additional account information. If they did so, the first and last name, e-mail address, date of birth (if provided to Cryptic Studios), billing address, and the first six digits and the last four digits of credit cards registered on the site may have been accessed. We have no evidence at this time that any data other than the account name, handle, and encrypted password were accessed for any user.
We are continuing to investigate this incident, and are taking even further action to strengthen our systems and redouble our security vigilance and protections. For your own security, we encourage you to be especially aware of e-mail and postal mail scams that ask for personal or sensitive information. Cryptic will not contact you in any way, including by e-mail, asking for your credit card number, social security number, or any other personally identifiable information. If you use the same password for other accounts, especially financial accounts or accounts with personal information, we strongly recommend that you change them.
While we have no evidence of unauthorized use of personal information as a result of this incident, to protect against any possible identity theft, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. Further information regarding the prevention of identity theft can be found at the Federal Trade Commissions website here.
We apologize for any inconvenience this unauthorized access may have caused our customers. Customers with questions about this incident and how it may affect them can contact customer service by submitting a support ticket at https://support.perfectworld.com/app/cs_cryptic/iss/log.
If you're a European Union citizen you can also contact the Member State information commissioner and they could contact the The Federal Trade Commission ('FTC') to make a compliant
I am impressed how I got another spamad from Cryptic about AWESOME NEW FERENGI LOCKBOXES today....but still no e-mail about security issues, or front-page news, or anything except this "sweep-it-under-the-rug" thread.
No, wait. Not 'limpressed". The other thing.
Interesting that, I got two newsletters (aka, spam about lockboxes/ripoff offers), but NADA about the security issue, or that my password had been reset.
Interesting that, I got two newsletters (aka, spam about lockboxes/ripoff offers), but NADA about the security issue, or that my password had been reset.
Gotta love the priorities.
Mark me up as another one......my password was reset yet not one email about why, if i did not find out about it on the forums i would not have known why my password was reset and what i had to do to fix it, and to fix it that info came from forum members rather than Cryptic..............but i did get two email's proclaiming "New STO Content Available Now!"...........so yes its nice to see they got their priorities right.:rolleyes:
Mark me up as another one......my password was reset yet not one email about why, if i did not find out about it on the forums i would not have known why my password was reset and what i had to do to fix it, and to fix it that info came from forum members rather than Cryptic..............but i did get two email's proclaiming "New STO Content Available Now!"...........so yes its nice to see they got their priorities right.:rolleyes:
Interesting that, I got two newsletters (aka, spam about lockboxes/ripoff offers), but NADA about the security issue, or that my password had been reset.
Gotta love the priorities.
It likely in your spam folder. Seems not only did they not spell right in email they made the header higher target for spam
It likely in your spam folder. Seems not only did they not spell right in email they made the header higher target for spam
It wasn't
I have my own personal domain/email and spam isn't auto filtered at the server level, but windows live mail does it
There was nothing in the junk mail box.
I'm shocked (but not surprised) there wasn't an announcement on the main page, or heck, an alert/notification sent to all forum users about it, given that they use the Vbulletin forum system, it's well within the forums capabilities to do all three.
I have read as many pages of this thread as I posibly can. I see People saying "log out , close brower, change password, easy as that." You don't seem to understand why I am posting here.
I have seen one or 2 posts here with MY problem: Cryptic no longer has my email address, so I can't change the password. I saw Branflakes closed a post and said "problem solved". I don't know what problem he is talking about.
I sent in a ticket last thursday, and it said "expect to hear from us in 3-4 business days." - for an account that can not log into the game, I would expect quicker service, but check the "Complaint Board" website , PWE is cited for incredibly poor customer service- now I see why. When your spam folder puts all STO and PWE messages in the spam box - BELIEVE YOUR SPAM BOX. A spam company took over our game, STO, and made it a highly reprehensible cash grab.
Dan Stahl is an unethical suit, corrupted by dreams of more money, sitting there trying to tell you how it's perfectly moral for STO to charge $1.25 for a key to unlock a box of junk. it costs $250 to get a ferengi top or skirt. You really think anybody with a since of self preservation would continue to play this game?
How much will it cost you to try to aquire the next ship the lock boxes offer? $100 , $200, more? PWE is trying new things, seeing if they can get away with them.
1 of 2 things will happen :
1. PWE will get away with the lox box scam, and it will become excepted industry practice, or
2. Star trek Online will see the biggest exodus of a game in history, we lose our game, STO to memory, and Perfect World skulks into the shadows, waiting to scoop up another popular game, and try the same thing.
STO has become raw seething corruption. You know when a crook plays the victim:" But I gotta feed my family". What is that old line from some sci fi movie.."I never took advantage or exploited anyone....who didn't want to be exploited..."
If I get a reply from my customer service ticket, I wonder what they are going to say...I would have waited for 5 days, if they reply tommorow (this is Sunday). What answer is there, that my email address no longer shows up in the Cryptic database? Business 101 tells you to bring the customer support down to a skeleton crew, and offer as little help as possible.
This way, people won't expect customer support after awhile, and you get to save money, by having little or no tech support. We love the game, and it breaks our hearts to have to stop playing, but when a scam company buys your game, you got to ask yourself if the game is worth the trouble, and expense. Perfect world is convinced people love STO, and they are willing to profit off of our love for the game as much as they can.
Do you really want to play a game, that charges you $1.25 to open a lock box? Really? How bad do you love STO? Enough to be taken advantage of, financially? Thats the problem : This whole game is a scam now, and they tell us to our faces , in flowery language that it is a scam, and we just have to "deal with it'.
Distasteful, over the line, but right on the money. And I MEAN MONEY. The cheapest you can purchase c-points is in $6.25 bundles.
That is an entire meal, taken out of my child's mouth, or my elderly mother's mouth. That's a prescription not being filled. I garantee that from your statement, you make more money than me.
I have to give up STO out of morality. How many lock boxes are you going to open when they release the next lock box scam? How far will it go remains to be seen.
$1.25 keys make a lot more difference to me, than you, or else you would be outraged at this experimental and unprecidented business practice.:(
Distasteful, over the line, but right on the money. And I MEAN MONEY. The cheapest you can purchase c-points is in $6.25 bundles.
That is an entire meal, taken out of my child's mouth, or my elderly mother's mouth. That's a prescription not being filled. I garantee that from your statement, you make more money than me.
I have to give up STO out of morality. How many lock boxes are you going to open when they release the next lock box scam? How far will it go remains to be seen.
$1.25 keys make a lot more difference to me, than you, or else you would be outraged at this experimental and unprecidented business practice.:(
I hate to be "that guy," when I say this......and I have never spoken these words before because they're just so damn cliche.....but....
You don't HAVE to play.
Just like you don't HAVE to gamble in Vegas. You don't HAVE to play STO. Whether or not you or I or anyone else agrees with the game mechanics is irrelevant. You HAVE to feed your child. You don't HAVE to play STO.
I got email about the hack and my reaction was that if they knew it happened 4 months ago why are we being told about it now rather than back then. I also got the otherone that seemed to claim that the boxes and dodgy vault thing were content.
On the off topic of the gambleboxes just roll need for delete, or to send by ingame mail to a cryptic staff member, for every box I delete thats one less key to be bought by those stupid enough to go for them. And we can all see who those people are as the game insists on spamming their name to everyone. I don't care that idiot@moremoneythansense won a ship that shouldnt be in starfleet so giving me their name will only tell me who to send tells to asking how much cash they wasted and if they're going to be able to pay the bills next month.
Never been to vegas but I have been to casino's and walked out ahead, the gamblebox is set up so the odds are stacked so far against you you might as well not bother starting.
Let's move this back on topic before the entire thread gets flushed into the enormous 'Discussion about Lockboxes' black hole...
If this hack was so 'insignificant' why are people suddenly all these months later logging in to find all their characters gone, LTS statuses missing, etc? I'm not talking about people who haven't logged in for years. I'm talking about people who had played just days prior. And why hasn't Cryptic done a thing about it?
If this hack was so 'insignificant' why are people suddenly all these months later logging in to find all their characters gone, LTS statuses missing, etc? I'm not talking about people who haven't logged in for years. I'm talking about people who had played just days prior. And why hasn't Cryptic done a thing about it?
Indeed
As I've said a few times and as you can see in my signature, they claim to offer such superior customer support, but it's a complete lie.
I got email about the hack and my reaction was that if they knew it happened 4 months ago why are we being told about it now rather than back then.
The incident happened 16 months ago. From what they say, they just found out about it last week. I'm still waiting on an answer as to how they determined which accounts were compromised and which weren't. IE what behavior was the account exhibiting. But I don't expect a reply at all, much less an actual answer to my question, that's just not how PWE does business.
The incident happened 16 months ago. From what they say, they just found out about it last week. I'm still waiting on an answer as to how they determined which accounts were compromised and which weren't. IE what behavior was the account exhibiting. But I don't expect a reply at all, much less an actual answer to my question, that's just not how PWE does business.
I'm assuming that basically:
If you had an account in December of 2010, it was potentially compromised. If your account was potentially compromised, you need to change your password.
If you did not have an account in December of 2010, it obviously was not compromised.
Comments
Preferably they should have made a note about it and encouraged people to change their passwords soon, or at the very least say that these will be reset in X days, with a list of possible problems that could result if not doing so (such as not being able to access the email account you registered under). The situation basically went from trying to prevent something really bad (TRIBBLE account) to definitely causing something somewhat bad (inaccessible account).
It is good to be able to post on the forums again, though. Kudos to BranFlakes for his posts on what to do in the matters where we can't login to file tickets.
For CaptainKrudAlt, who seemed to have an identical problem as me, email customerservice@perfectworld.com with an explanation of the situation and at least 3 of the following to verify that you are who you say you are:
First and last name on your account
Last four digits of any credit card currently on file
Billing address, including zip or postal code
Phone number (if one is on the account)
Any 25-digit product key associated with the account
Any 25-digit game time card key associated with the account
Any Cryptic credit card transaction ID (15 digits, beginning with CRYPTIC0)
Any PayPal subscription Invoice ID (15 digits, beginning with CRYPTIC0)
The answer to your secret question, (if one is on the account)
If thats the case, I am glad that they responded immediately, but I am still not satisfied that it took them a year and a half to figure out they had been TRIBBLE.
FINALLY, something useful! I sent the email referencing my incident number with the above. Hopefully I'll get a quick fix on this.
Several days ago, he had this "Password reset bug", reset hit PW, then it told him his username needed to be changed as well, so he did. Now his account has NOTHING (no chars, no money and no gold status)
This is pretty bad guys.
What's the average wait time on a SERIOUS GAMEBREAKER like this? (IE - how long does it take your acct guys to do a rollback?)
Make it so Brandon ,pretty please with a cherry on top if you can do an account restore in record time for our buddy
Cut paste the Mail link Cryptic PW_E STO sends into a Goggle browser then to another CHAT box this activated a hotlink.. the MS IE8 would not at first try..
I was starting to look at old PC WIN98SE back up and Quake Open GL 1.04 as alt if STO dint open a link soon..
No, wait. Not 'limpressed". The other thing.
The security notice about my account reset went to the Spam Folder and the Latest Game Update was in my mail box. They should of add it in the same e-mail.
Those Links in the thread don't even work for me in the first post. People say the server is down and they don't work.
PWE_BranFlakes needs to update his first post! If changes to password reset has changed?
easy way to do this
step one Log out of the forums
Step two Close browser
Step Three open browser
Step four, go to log in, but use the forgotten password link follow those instructions, and look for the mail in the spam folder, it ends up there for a lot of folks
that, should fix it, the important part is step one. without doing that, it will NOT work, no exceptions
If you're a European Union citizen you can also contact the Member State information commissioner and they could contact the The Federal Trade Commission ('FTC') to make a compliant
http://www.ico.gov.uk/what_we_cover/international_duties.aspx
They can do that under the Safe-Harbour agreements between the US and EU.
This will ensure that this gets properly investigated. Which Cryptic has not provided any details on.
This is the next step to open an investigation on this situation and for give a little input to the cryptic?
Interesting that, I got two newsletters (aka, spam about lockboxes/ripoff offers), but NADA about the security issue, or that my password had been reset.
Gotta love the priorities.
Mark me up as another one......my password was reset yet not one email about why, if i did not find out about it on the forums i would not have known why my password was reset and what i had to do to fix it, and to fix it that info came from forum members rather than Cryptic..............but i did get two email's proclaiming "New STO Content Available Now!"...........so yes its nice to see they got their priorities right.:rolleyes:
It likely in your spam folder. Seems not only did they not spell right in email they made the header higher target for spam
It wasn't
I have my own personal domain/email and spam isn't auto filtered at the server level, but windows live mail does it
There was nothing in the junk mail box.
I'm shocked (but not surprised) there wasn't an announcement on the main page, or heck, an alert/notification sent to all forum users about it, given that they use the Vbulletin forum system, it's well within the forums capabilities to do all three.
I have seen one or 2 posts here with MY problem: Cryptic no longer has my email address, so I can't change the password. I saw Branflakes closed a post and said "problem solved". I don't know what problem he is talking about.
I sent in a ticket last thursday, and it said "expect to hear from us in 3-4 business days." - for an account that can not log into the game, I would expect quicker service, but check the "Complaint Board" website , PWE is cited for incredibly poor customer service- now I see why. When your spam folder puts all STO and PWE messages in the spam box - BELIEVE YOUR SPAM BOX. A spam company took over our game, STO, and made it a highly reprehensible cash grab.
Dan Stahl is an unethical suit, corrupted by dreams of more money, sitting there trying to tell you how it's perfectly moral for STO to charge $1.25 for a key to unlock a box of junk. it costs $250 to get a ferengi top or skirt. You really think anybody with a since of self preservation would continue to play this game?
How much will it cost you to try to aquire the next ship the lock boxes offer? $100 , $200, more? PWE is trying new things, seeing if they can get away with them.
1 of 2 things will happen :
1. PWE will get away with the lox box scam, and it will become excepted industry practice, or
2. Star trek Online will see the biggest exodus of a game in history, we lose our game, STO to memory, and Perfect World skulks into the shadows, waiting to scoop up another popular game, and try the same thing.
STO has become raw seething corruption. You know when a crook plays the victim:" But I gotta feed my family". What is that old line from some sci fi movie.."I never took advantage or exploited anyone....who didn't want to be exploited..."
If I get a reply from my customer service ticket, I wonder what they are going to say...I would have waited for 5 days, if they reply tommorow (this is Sunday). What answer is there, that my email address no longer shows up in the Cryptic database? Business 101 tells you to bring the customer support down to a skeleton crew, and offer as little help as possible.
This way, people won't expect customer support after awhile, and you get to save money, by having little or no tech support. We love the game, and it breaks our hearts to have to stop playing, but when a scam company buys your game, you got to ask yourself if the game is worth the trouble, and expense. Perfect world is convinced people love STO, and they are willing to profit off of our love for the game as much as they can.
Do you really want to play a game, that charges you $1.25 to open a lock box? Really? How bad do you love STO? Enough to be taken advantage of, financially? Thats the problem : This whole game is a scam now, and they tell us to our faces , in flowery language that it is a scam, and we just have to "deal with it'.
That is an entire meal, taken out of my child's mouth, or my elderly mother's mouth. That's a prescription not being filled. I garantee that from your statement, you make more money than me.
I have to give up STO out of morality. How many lock boxes are you going to open when they release the next lock box scam? How far will it go remains to be seen.
$1.25 keys make a lot more difference to me, than you, or else you would be outraged at this experimental and unprecidented business practice.:(
I hate to be "that guy," when I say this......and I have never spoken these words before because they're just so damn cliche.....but....
You don't HAVE to play.
Just like you don't HAVE to gamble in Vegas. You don't HAVE to play STO. Whether or not you or I or anyone else agrees with the game mechanics is irrelevant. You HAVE to feed your child. You don't HAVE to play STO.
On the off topic of the gambleboxes just roll need for delete, or to send by ingame mail to a cryptic staff member, for every box I delete thats one less key to be bought by those stupid enough to go for them. And we can all see who those people are as the game insists on spamming their name to everyone. I don't care that idiot@moremoneythansense won a ship that shouldnt be in starfleet so giving me their name will only tell me who to send tells to asking how much cash they wasted and if they're going to be able to pay the bills next month.
Never been to vegas but I have been to casino's and walked out ahead, the gamblebox is set up so the odds are stacked so far against you you might as well not bother starting.
Let's move this back on topic before the entire thread gets flushed into the enormous 'Discussion about Lockboxes' black hole...
If this hack was so 'insignificant' why are people suddenly all these months later logging in to find all their characters gone, LTS statuses missing, etc? I'm not talking about people who haven't logged in for years. I'm talking about people who had played just days prior. And why hasn't Cryptic done a thing about it?
Indeed
As I've said a few times and as you can see in my signature, they claim to offer such superior customer support, but it's a complete lie.
From what I've seen, the claim that they offer any sort of customer support, superior or otherwise, is a near-total fabrication.
The incident happened 16 months ago. From what they say, they just found out about it last week. I'm still waiting on an answer as to how they determined which accounts were compromised and which weren't. IE what behavior was the account exhibiting. But I don't expect a reply at all, much less an actual answer to my question, that's just not how PWE does business.
I'm assuming that basically:
If you had an account in December of 2010, it was potentially compromised. If your account was potentially compromised, you need to change your password.
If you did not have an account in December of 2010, it obviously was not compromised.