This part at least is correct. Though the mere fact that they restored his characters fully is evidence enough that they too believe the account was TRIBBLE, and that this wasn't some sort of scam.
That is not evidence of anything. They will restore any deleted character still in the database regardless of the reason why. Accidentally deleted your main when you were so drunk you did not know your own name? They can help you with that.
Share your account information with an EC spammer. Yeah, they won't be able to refund your lost virtual assets.
In the 14 years I have been playing MMOs, I have never encountered anyone who's account was magically TRIBBLE out of the blue. It was always a friend/relative/chinese power level service with whom the player shared their information. Why anyone would do that in a F2P game boggles the imagination, but they do.
Guys, stop discussing whether character restoration is a proof of anything.
They acknowledged it as a hacking attempt during their first response. Very explicitly. They just failed to completely restore everything. They didn't say "You wont get currencies restored", they just didn't do it and assumed their job was done with character restoration.
And the EULA can say whatever they want - the moment you sell your product on a market, you are bound by the laws of that market. Even defining a responsible seat of court in an EULA is open to question in some cases. One example was mentioned already. Another example are swiss regulations about the protection of personal information, which are applicable in my case whether Cryptic cares or not.
The main reason why things like that rarely get challenged is the sheer hassle involved for everyone, and the fact that they could still terminate your account if they want to.
I also understand they are overworked thanks to LoR, NW, and a significant number of similar cases to mine.
What I don't understand is why they fail at their first response, and don't manage more than an automated response - even a brief "Hi there, we are investigating the details, stand by" would be better. But as it is now, my tickets dont even get categorized correctly, the support site keeps spitting error messages, and the ingame ticket system is down more often than not. I'm simply not even sure they HAVE my tickets anywhere with the way they handle it.
A) The laws of Switzerland don't apply in California. EULAs actually are defensible in court. This is not 1983.
C) Don't ever share your account information with anyone under any circumstances.
That is not evidence of anything. They will restore any deleted character still in the database regardless of the reason why. Accidentally deleted your main when you were so drunk you did not know your own name? They can help you with that.
Share your account information with an EC spammer. Yeah, they won't be able to refund your lost virtual assets.
In the 14 years I have been playing MMOs, I have never encountered anyone who's account was magically TRIBBLE out of the blue. It was always a friend/relative/chinese power level service with whom the player shared their information. Why anyone would do that in a F2P game boggles the imagination, but they do.
A) The laws of Switzerland don't apply in California. EULAs actually are defensible in court. This is not 1983.
C) Don't ever share your account information with anyone under any circumstances.
Laws like these exist all around the world in order to protect consumers. Against these laws, an EULA has zero chance, which is exactly how it should be.
Hopefully none of this actually matters because PWE will do the right thing here and just give the OP his stuff back.
...
Laws like these exist all around the world in order to protect consumers. Against these laws, an EULA has zero chance, which is exactly how it should be.
Hopefully none of this actually matters because PWE will do the right thing here and just give the OP his stuff back.
Still, until a EULA actually gets invalidated by a Court of Law, this is nothing more then idle speculation..
In the 14 years I have been playing MMOs, I have never encountered anyone who's account was magically TRIBBLE out of the blue. It was always a friend/relative/chinese power level service with whom the player shared their information. Why anyone would do that in a F2P game boggles the imagination, but they do.
Then you've been living under a rock. Accounts are compromised all the time these days. Professionally. Especially in games where you can make hard currency of the things you steal. My case wasn't isolated. It also wasn't the first time STO suffered from a heavy security breach like it.
I didn't share account information. Never did on any game. Never will. After the incident, I made a sweep of my computer, changed virus scanners, whatever I could think of. A last risk always remains, but I'm fairly certain I didn't have any malicious software here. Thus, I'm more inclined to believe that Cryptic had a leak, not me. Even if not - even if you know what you are doing, people have gotten pretty damn insidious. Even a technically safe site can frell you over; either by being attacked and modified itself, or by malicious code within banners included from other sites.
Thinking that just keeping your account information to yourself would keep your safe is naive. There is a reason why Cryptic thought of Account Guard. There are reasons why Blizzard and Bioware are using physical authenticators. There are reasons banks use RSA token systems of varying kinds. Frack, a Bioware account security type even stated that if if was feasible, they'd force every SWTOR player to use one. The way it is, they are greatly encouraging it and selling them at or below cost.
The largest blunder here in security is that Account Guard can be circumvented. You can change your email without triggering it; which is what happened with me. Got an email about a mail address change while I was at work. The attacker then authorized his own computer (nowhere near Switzerland, for all of you conspiracy theorists, thank you), and proceeded to plunder my account. Took me about 1 or 2 hours thanks to work and weak connection from my cell to block access again - again, totally circumventing Account Guard myself now - but by then it was too late. Most of my things and characters were gone.
A) The laws of Switzerland don't apply in California.
The laws of Switzerland apply to each and every product being sold in Switzerland. If Cryptic disagrees, they may stop selling it in Switzerland. Same goes for just about every country in the world. Thats consumer protection for you. Stop arguing and accept it.
EULAs actually are defensible in court. This is not 1983.
Of course they are. If they are written in accordance with local law. If not, they aren't worth the bits and bytes they use up on whatever medium they happen to be saved. For instance, we have laws about EULAs not being allowed to contain things you wouldn't expect - so companies couldn't just hide them selling you an animal farm in there somewhere. It's a bit more complicated than that of course, but its the condensed gist of it. That alone can break some EULA's validities over here.
C) Don't ever share your account information with anyone under any circumstances.
I did not need to be told that, and as explained before, that alone isn't sufficient protection. There are ways for gathering account information, sometimes in large amounts.
Still, until a EULA actually gets invalidated by a Court of Law, this is nothing more then idle speculation
Happens all the time. Not really any novelty behind it.
Okay, sorry. I'm reacting a bit too aggressive I guess. Situation is pissing me off.
To quote (or even misquote) Kyle Katarn from SW:JA: "You are right to be angry, but let go of the hate or it will lead you to the dark side".
What happened to you sucks, and I sympathize.
That being said, what Cryptic has done, namely restoring you characters, is the norm for the MMO companies out there.
This happened to a old friend of mine during the days of SWG. SOE restored his chars and most of his inventory, but did not want to restore his credits. This was, according to SOE, to prevent ppl from saying that they had say 100 million credits, when they only had 10k in reality, but wanted more...
So, it's probably because they (Cryptic) have no way of knowing how much you actually had of EC, Lobi and so forth, and are not willing to take the risk of being scammed themselves.
Not saying tthat you are doing this offcourse, but there are bad people out there that would do this in a heart beat, so it's more for their own safety that they will not give back EC or any other currency...
Cryptic knows -exactly- how much currencies I had. Especially Dilithium and ZEN. You can even view your own exchange history ingame. Don't be ridiculous.
And I'm not certain how the behaviour of SOE in regard to pure ingame currency with no hard RL monetary equivalent compares to the theft of currencies which does in the first place.
Heck, considering SOE's own track record in legality, I'm not certain how SOE business practices would be relevant at all.
....
The laws of Switzerland apply to each and every product being sold in Switzerland. If Cryptic disagrees, they may stop selling it in Switzerland. Same goes for just about every country in the world. Thats consumer protection for you. Stop arguing and accept it.
Of course they are. If they are written in accordance with local law. If not, they aren't worth the bits and bytes they use up on whatever medium they happen to be saved. For instance, we have laws about EULAs not being allowed to contain things you wouldn't expect - so companies couldn't just hide them selling you an animal farm in there somewhere. It's a bit more complicated than that of course, but its the condensed gist of it. That alone can break some EULA's validities over here.
Both of these are Straw arguments. Only the Courts have the power to decide if the laws applies, and invalidate the TOS legal agreement. And until the TOS agreement is invalidated by a Court of Law, it remains legal and binding...
You can argue all you want, but you won't be able to change this fact...
The thing is, there is nothing that is 'unique' in the STO TOS agreement. These are all standard legal clauses for MMORPG games, as all the other MMORPG that are out there will have similar legal clauses in their TOS statement. And the fact that these are standard legal clauses that MMORPG companies use must mean something...
Both of these are Straw arguments. Only the Courts have the power to decide if the laws applies, and invalidate the TOS legal agreement. And until the TOS agreement is invalidated by a Court of Law, it remains legal and binding...
Oh please. Half of all american EULAs are invalid within the EU because you sign/accept them AFTER buying the product. You are vastly overestimating the reluctance of courts to dismiss EULAs.
Cases like this alone could go to court over side issues, even, simply because they failed to protect personal information of their customers. They might win, they might not.
I'm sure not going to drag this further than I have to. But I want the situation resolved, or at least know its being resolved. Its bad enough having to talk legality about matters that should be common sense.
Cryptic knows -exactly- how much currencies I had. Especially Dilithium and ZEN. You can even view your own exchange history ingame. Don't be ridiculous.
And I'm not certain how the behaviour of SOE in regard to pure ingame currency with no hard RL monetary equivalent compares to the theft of currencies which does in the first place.
Heck, considering SOE's own track record in legality, I'm not certain how SOE business practices would be relevant at all.
Hey buddy, no need to throw insults around. I was only telling you one reason why they might not want to give you your EC back.
Yes, they probably have that info, but there could be internal policies that we are not privy to. Maybe restoring your characters is how far they can go.
But speculating gets us no where, the only thing you can do is to send another support Mail, or even calling Cryptic, expensive, yes, but it might be your only option in the end...
I am not insulting. I am simply tired of people thinking Cryptic gets to do what they want with their customer's money, that TRIBBLE accounts only happen because of a players stupidity, and that EULAs overrule customer protection laws. Not to mention demonstrating a complete lack of understanding regarding the way companies are required by law to track financial transactions and the virtual property of their customers.
Thing is, Cryptic is following laws, just not the laws of your country. They are following US laws and regs, but are not bound by other countries laws to the letter afaik. Some laws they have to follow, but what exact laws they have to follow is hard to know.
If I buy, say a new PC from the US and it breaks down, I'm not protected by my country's counsumer laws, as the product was not bought in this country. If it was bought however in the EU, I would be protected by some degree by EU consumer laws.
How laws work when a game dev is based the US and you are in the EU is unclear to me, but I would bet that the law guys at Cryptic/PWE knows this.
Should you get your EC back?? Yes. Will you?? Who knows.
You can but hope you will get your shinies back, but if you actually will is another case, but good luck.
I am currently in exactly the same scenario you are in. I lost over 100 million EC and ~2,500 zen. My troubles started May 23. It took them one day to rest my password, but my account was banned. It then took them 3 days to unban me. It's now been 7 days since I have received the first automated response for my request to have my account rolled back. It's really upsetting to see that you have been waiting even longer. I've read on the NW forums you can brute force PWE's asian website login.
Cryptic is about to lose a long term PAYING customer in me. I've already opened up a paypal dispute for the most recent subscription.
On May 13, my account was TRIBBLE. My STO characters were deleted. My dilithium, my ZEN, my energy credits and even my Neverwinter astral diamonds were stolen.
I filed a ticket the same day. It took you a week to restore my characters... and close the ticket. Set it to 'Resolved'.
Another week and multiple tickets later, my ZEN and other currencies are still missing, without a single word from your support except automated replies and nonsensical, buggy support site error messages.
And frankly, I'm getting tired of it. ZEN, Dilithium and astral diamonds have a _direct_ monetary RL equivalent. I want either my ingame currencies back, or I want an equivalent RL cash refund.
The latest ticket in question is 130522-002901.
I'll keep posting until this gets resolved. I'll leave it up to you what sort of advertisement your game needs.
Etani
My character was TRIBBLE early may, bypassing the account guard and they deleted my characters.
It took several weeks but support eventually recovered my characters minus my kit, dilithium, zen and my EC.
I was left broke and did not have any kit.
After logging another support request they recovered my character again along with all my belonging a week later.
AccountGuard isn't a very good system. WoW/TOR style authenticators are far better.
Heck, they could probably figure out some way to use Google Authenticator via the API.
After getting no reply from support I created a twitter account and messaged branflakes the community manager.
He gave my ticket info to support and that started the ball rolling for me.
Well, you can't blame them for some thief's actions, can you?
Are you just sucking up to Cryptic or something man?
You are saying basically even if I lock my car, someone breaks into it and steals it. That is my fault?
Listen dude seriously now I am extremely angry. Cryptic needs to start stepping up there game ESPECIALLY when it comes to REAL money. Don't you DARE tell this guy it's his fault for his account being TRIBBLE. That is complete and utter BS. They need to hire a much bigger accounting team and support team and get this TRIBBLE RESOLVED. I would be LIVID if my Zen got stolen that I PAID real money for.
Cryptic needs better security it is NOT NOT NOT our faults because Cryptic security is so easily circumvented.
How DARE YOU tell the OP it's his fault. How dare you.
This person is right to be mad, and annoyed at the incompetence. They are quick to take your money, quick to make sales and shove Lockboxes and everything else in sales down out throats, but when we actually need help, they brush us aside like we are pieces of TRIBBLE.
I am extremely livid right now. This is INSANE.
People need to stop defending Cryptic like they are dang Gods of the MMO world.
You are saying basically even if I lock my car, someone breaks into it and steals it. That is my fault?
You are basically saying if you lock your car and some one breaks into it and steals it, it is that the car company's fault. That is the flip side to the coin that you just tossed out there. You assume the poster you quoted was saying the it was the OP's fault when that was you that put those words there.
I am not here to defend one side or the other. I agree that Cryptic / PWE needs better security. But how can you be certain that the breach is indeed on Cryptic's side. As these accounts are now linked to PWE, I would think the problem lays with them rather than Cryptic.
I do believe the 'cryptic's at fault' issues are due to how the email change was set up at the time of the compromised accounts.
At that time the email verification was sent to only the new email, which meant changing the email address to the account didn't require access to the old email, just the login credentials. This completely bypassed the account guard system that 'should' have prevented someone who got access to your credentials to log into your account to do what they did.
All you got on the old email was a notification that the email had been changed.
I do believe the 'cryptic's at fault' issues are due to how the email change was set up at the time of the compromised accounts.
At that time the email verification was sent to only the new email, which meant changing the email address to the account didn't require access to the old email, just the login credentials. This completely bypassed the account guard system that 'should' have prevented someone who got access to your credentials to log into your account to do what they did.
All you got on the old email was a notification that the email had been changed.
Except that to log into the account at all to change the email, you have to authenticate with Account Guard. Unless you turn it off; it's on by default.
Of course, if you do this at a publicly-accessible computer, and don't uncheck the box that says "uncheck this if you're at a publicly-accessible computer", somebody else could come along and log in. This includes computers in your home that are accessible to roommates, angry soon-to-be-ex-girlfriends, etc. It also includes logging in from your cellphone then leaving it lying about.
This is not to say that it's impossible that anybody was TRIBBLE via a vulnerability at Cryptic or a deficiency in Account Guard; but just knowing your password isn't enough to get past Account Guard from a computer you've never authenticated, unless they also know your email password.
Former moderator of these forums. Lifetime sub since before launch. Been here since before public betas. Foundry author of "Franklin Drake Must Die".
I am currently in exactly the same scenario you are in. I lost over 100 million EC and ~2,500 zen. My troubles started May 23. It took them one day to rest my password, but my account was banned. It then took them 3 days to unban me. It's now been 7 days since I have received the first automated response for my request to have my account rolled back. It's really upsetting to see that you have been waiting even longer. I've read on the NW forums you can brute force PWE's asian website login.
Cryptic is about to lose a long term PAYING customer in me. I've already opened up a paypal dispute for the most recent subscription.
On a side note, you know what happens when you dispute payments? They autoban you. I recommend calling their billing support.
Except that to log into the account at all to change the email, you have to authenticate with Account Guard. Unless you turn it off; it's on by default.
Oh come on, pay bloody attention before writing bull**** like this.
It has been written multiple times that you do not trigger AccountGuard when changing your email via their website. Thats what the hacker did to me, and thats what I did myself when I changed it back.
AccountGuard is completely and utterly useless as it is.
And sadly, I'm now taking that option before it expires.
Just disputed the big LoR and Neverwinter packages; a good 300 Euro deal there. If I wait any longer, that possibility expires.
Though judging by other posters in this forum, I doubt that'll do anything but an autoban and me getting refunded by Paypal because PWE fails to respond.
Oh come on, pay bloody attention before writing bull**** like this.
It has been written multiple times that you do not trigger AccountGuard when changing your email via their website. Thats what the hacker did to me, and thats what I did myself when I changed it back.
AccountGuard is completely and utterly useless as it is.
'As it is' isn't as applicable anymore, the email change on the site has been changed recently. Thankfully.
Another update... I'm getting really annoyed at the responses from PWE's 'support'.
The first one seemed like a copy/paste about the stipend technical difficulties, this one seemed like a copy/paste of alot of different support issues...
Afterwards, please submit a new ticket with the following:
1) The subject line should read "Compromised Account".
2) Please include your PWE account name, in-game @Handle name, and original email address that was used when registering the account so we can quickly identify you.
3) Please send only one (1) ticket about this and avoid submitting duplicates.
All being steps listed directly in that post by Branflakes, and all steps I had already taken to open that support ticket... And the ticket is marked as solved.
Received the same, though mine isn't marked as solved. A huge list of standard solutions. A second ticket was closed as being a duplicate with a query to no longer file duplicates.
And they opened a new ticket themselves, under Billing Support, saying this:
Summarized it was just this: Your account was banned due to the PayPal dispute, resolve it with Paypal so we can forward your ticket to the support team, so they can investigate my missing stuff.
Yeah, right. And once I end the dispute, they'll be back to being unhelpful. Not going to happen.
This thread has now most definitely run its course, and isn't providing any constructive feedback, so due to this as well as the high number of reported posts in this thread, I'm closing this thread down.
For future reference please remember that it helps a great deal when posts which violate the PWE Community Rules and Policies are not responded to and are reported via submitting a Forums and Website Ticket (click here).
If you think any of your posts within a thread have violated the PWE Community Rules and Policies, please edit your posts before a moderator takes action.
If you feel you need to get in touch with PWE BranFlakes to discuss the actions taken by any Community Moderator, you can do so by submitting a Forums and Website ticket (click here).
Thanks,
syberghost
Former moderator of these forums. Lifetime sub since before launch. Been here since before public betas. Foundry author of "Franklin Drake Must Die".
Comments
Share your account information with an EC spammer. Yeah, they won't be able to refund your lost virtual assets.
In the 14 years I have been playing MMOs, I have never encountered anyone who's account was magically TRIBBLE out of the blue. It was always a friend/relative/chinese power level service with whom the player shared their information. Why anyone would do that in a F2P game boggles the imagination, but they do.
A) The laws of Switzerland don't apply in California.
C) Don't ever share your account information with anyone under any circumstances.
http://www.legislation.gov.uk/uksi/1999/2083/regulation/5/made
http://www.legislation.gov.uk/uksi/1999/2083/regulation/7/made
http://www.law.cornell.edu/ucc/2/article2.htm#s2-302
Laws like these exist all around the world in order to protect consumers. Against these laws, an EULA has zero chance, which is exactly how it should be.
Hopefully none of this actually matters because PWE will do the right thing here and just give the OP his stuff back.
Sig by my better half.
Then you've been living under a rock. Accounts are compromised all the time these days. Professionally. Especially in games where you can make hard currency of the things you steal. My case wasn't isolated. It also wasn't the first time STO suffered from a heavy security breach like it.
I didn't share account information. Never did on any game. Never will. After the incident, I made a sweep of my computer, changed virus scanners, whatever I could think of. A last risk always remains, but I'm fairly certain I didn't have any malicious software here. Thus, I'm more inclined to believe that Cryptic had a leak, not me. Even if not - even if you know what you are doing, people have gotten pretty damn insidious. Even a technically safe site can frell you over; either by being attacked and modified itself, or by malicious code within banners included from other sites.
Thinking that just keeping your account information to yourself would keep your safe is naive. There is a reason why Cryptic thought of Account Guard. There are reasons why Blizzard and Bioware are using physical authenticators. There are reasons banks use RSA token systems of varying kinds. Frack, a Bioware account security type even stated that if if was feasible, they'd force every SWTOR player to use one. The way it is, they are greatly encouraging it and selling them at or below cost.
The largest blunder here in security is that Account Guard can be circumvented. You can change your email without triggering it; which is what happened with me. Got an email about a mail address change while I was at work. The attacker then authorized his own computer (nowhere near Switzerland, for all of you conspiracy theorists, thank you), and proceeded to plunder my account. Took me about 1 or 2 hours thanks to work and weak connection from my cell to block access again - again, totally circumventing Account Guard myself now - but by then it was too late. Most of my things and characters were gone.
The laws of Switzerland apply to each and every product being sold in Switzerland. If Cryptic disagrees, they may stop selling it in Switzerland. Same goes for just about every country in the world. Thats consumer protection for you. Stop arguing and accept it.
Of course they are. If they are written in accordance with local law. If not, they aren't worth the bits and bytes they use up on whatever medium they happen to be saved. For instance, we have laws about EULAs not being allowed to contain things you wouldn't expect - so companies couldn't just hide them selling you an animal farm in there somewhere. It's a bit more complicated than that of course, but its the condensed gist of it. That alone can break some EULA's validities over here.
I did not need to be told that, and as explained before, that alone isn't sufficient protection. There are ways for gathering account information, sometimes in large amounts.
Happens all the time. Not really any novelty behind it.
You didn't bother reading much of this, did you?
They would be able to use your account for all sorts of nefarious purposes...
To quote (or even misquote) Kyle Katarn from SW:JA: "You are right to be angry, but let go of the hate or it will lead you to the dark side".
What happened to you sucks, and I sympathize.
That being said, what Cryptic has done, namely restoring you characters, is the norm for the MMO companies out there.
This happened to a old friend of mine during the days of SWG. SOE restored his chars and most of his inventory, but did not want to restore his credits. This was, according to SOE, to prevent ppl from saying that they had say 100 million credits, when they only had 10k in reality, but wanted more...
So, it's probably because they (Cryptic) have no way of knowing how much you actually had of EC, Lobi and so forth, and are not willing to take the risk of being scammed themselves.
Not saying tthat you are doing this offcourse, but there are bad people out there that would do this in a heart beat, so it's more for their own safety that they will not give back EC or any other currency...
And I'm not certain how the behaviour of SOE in regard to pure ingame currency with no hard RL monetary equivalent compares to the theft of currencies which does in the first place.
Heck, considering SOE's own track record in legality, I'm not certain how SOE business practices would be relevant at all.
You can argue all you want, but you won't be able to change this fact...
The thing is, there is nothing that is 'unique' in the STO TOS agreement. These are all standard legal clauses for MMORPG games, as all the other MMORPG that are out there will have similar legal clauses in their TOS statement. And the fact that these are standard legal clauses that MMORPG companies use must mean something...
Oh please. Half of all american EULAs are invalid within the EU because you sign/accept them AFTER buying the product. You are vastly overestimating the reluctance of courts to dismiss EULAs.
Cases like this alone could go to court over side issues, even, simply because they failed to protect personal information of their customers. They might win, they might not.
I'm sure not going to drag this further than I have to. But I want the situation resolved, or at least know its being resolved. Its bad enough having to talk legality about matters that should be common sense.
Hey buddy, no need to throw insults around. I was only telling you one reason why they might not want to give you your EC back.
Yes, they probably have that info, but there could be internal policies that we are not privy to. Maybe restoring your characters is how far they can go.
But speculating gets us no where, the only thing you can do is to send another support Mail, or even calling Cryptic, expensive, yes, but it might be your only option in the end...
If I buy, say a new PC from the US and it breaks down, I'm not protected by my country's counsumer laws, as the product was not bought in this country. If it was bought however in the EU, I would be protected by some degree by EU consumer laws.
How laws work when a game dev is based the US and you are in the EU is unclear to me, but I would bet that the law guys at Cryptic/PWE knows this.
Should you get your EC back?? Yes. Will you?? Who knows.
You can but hope you will get your shinies back, but if you actually will is another case, but good luck.
I am currently in exactly the same scenario you are in. I lost over 100 million EC and ~2,500 zen. My troubles started May 23. It took them one day to rest my password, but my account was banned. It then took them 3 days to unban me. It's now been 7 days since I have received the first automated response for my request to have my account rolled back. It's really upsetting to see that you have been waiting even longer. I've read on the NW forums you can brute force PWE's asian website login.
Cryptic is about to lose a long term PAYING customer in me. I've already opened up a paypal dispute for the most recent subscription.
They responded about the stipend technical issues... >.<;
Fail, Support... Fail...
Immediately replied to it explaining the correct issue that they didn't get out of the original...
Heck, they could probably figure out some way to use Google Authenticator via the API.
Romulan Praetorian Guard
My character was TRIBBLE early may, bypassing the account guard and they deleted my characters.
It took several weeks but support eventually recovered my characters minus my kit, dilithium, zen and my EC.
I was left broke and did not have any kit.
After logging another support request they recovered my character again along with all my belonging a week later.
After getting no reply from support I created a twitter account and messaged branflakes the community manager.
He gave my ticket info to support and that started the ball rolling for me.
Are you just sucking up to Cryptic or something man?
You are saying basically even if I lock my car, someone breaks into it and steals it. That is my fault?
Listen dude seriously now I am extremely angry. Cryptic needs to start stepping up there game ESPECIALLY when it comes to REAL money. Don't you DARE tell this guy it's his fault for his account being TRIBBLE. That is complete and utter BS. They need to hire a much bigger accounting team and support team and get this TRIBBLE RESOLVED. I would be LIVID if my Zen got stolen that I PAID real money for.
Cryptic needs better security it is NOT NOT NOT our faults because Cryptic security is so easily circumvented.
How DARE YOU tell the OP it's his fault. How dare you.
This person is right to be mad, and annoyed at the incompetence. They are quick to take your money, quick to make sales and shove Lockboxes and everything else in sales down out throats, but when we actually need help, they brush us aside like we are pieces of TRIBBLE.
I am extremely livid right now. This is INSANE.
People need to stop defending Cryptic like they are dang Gods of the MMO world.
You are basically saying if you lock your car and some one breaks into it and steals it, it is that the car company's fault. That is the flip side to the coin that you just tossed out there. You assume the poster you quoted was saying the it was the OP's fault when that was you that put those words there.
I am not here to defend one side or the other. I agree that Cryptic / PWE needs better security. But how can you be certain that the breach is indeed on Cryptic's side. As these accounts are now linked to PWE, I would think the problem lays with them rather than Cryptic.
At that time the email verification was sent to only the new email, which meant changing the email address to the account didn't require access to the old email, just the login credentials. This completely bypassed the account guard system that 'should' have prevented someone who got access to your credentials to log into your account to do what they did.
All you got on the old email was a notification that the email had been changed.
Except that to log into the account at all to change the email, you have to authenticate with Account Guard. Unless you turn it off; it's on by default.
Of course, if you do this at a publicly-accessible computer, and don't uncheck the box that says "uncheck this if you're at a publicly-accessible computer", somebody else could come along and log in. This includes computers in your home that are accessible to roommates, angry soon-to-be-ex-girlfriends, etc. It also includes logging in from your cellphone then leaving it lying about.
This is not to say that it's impossible that anybody was TRIBBLE via a vulnerability at Cryptic or a deficiency in Account Guard; but just knowing your password isn't enough to get past Account Guard from a computer you've never authenticated, unless they also know your email password.
On a side note, you know what happens when you dispute payments? They autoban you. I recommend calling their billing support.
Oh come on, pay bloody attention before writing bull**** like this.
It has been written multiple times that you do not trigger AccountGuard when changing your email via their website. Thats what the hacker did to me, and thats what I did myself when I changed it back.
AccountGuard is completely and utterly useless as it is.
Just disputed the big LoR and Neverwinter packages; a good 300 Euro deal there. If I wait any longer, that possibility expires.
Though judging by other posters in this forum, I doubt that'll do anything but an autoban and me getting refunded by Paypal because PWE fails to respond.
'As it is' isn't as applicable anymore, the email change on the site has been changed recently. Thankfully.
Another update... I'm getting really annoyed at the responses from PWE's 'support'.
The first one seemed like a copy/paste about the stipend technical difficulties, this one seemed like a copy/paste of alot of different support issues...
Relevant part about compromised accounts...
All being steps listed directly in that post by Branflakes, and all steps I had already taken to open that support ticket... And the ticket is marked as solved.
And they opened a new ticket themselves, under Billing Support, saying this:
Came in 15 hours after me filing the dispute, and ~14 hours after my account getting banned due to it - so it doesn't seem automatic.
1 month, nothing. File a dispute, reaction ensues. Heh.
Funny enough, I am still able to post despite being banned. Changed that too, apparently.
Summarized it was just this: Your account was banned due to the PayPal dispute, resolve it with Paypal so we can forward your ticket to the support team, so they can investigate my missing stuff.
Yeah, right. And once I end the dispute, they'll be back to being unhelpful. Not going to happen.
players.
when they can simply lock a person out of anything regarding zen/money
and still allow them to play.
almost like there saying FU go play another game.
This thread has now most definitely run its course, and isn't providing any constructive feedback, so due to this as well as the high number of reported posts in this thread, I'm closing this thread down.
Thanks,
syberghost