#0 - May 21, 2009, 10:32 a.m.
I immediately put in a GM ticket and my friend tried to recover his password. After attempting to thwart the hack attempt by changing his email and password, he was informed there were too many password changes and he'd have to call Blizzard customer service. Obviously, the office is closed.
So, for over an hour I've been on the phone with my friend, watching the thief log in and out of his account characters. Stood right next to his characters in Dalaran watching them go from bank to vendor. While my friend is locked out of his account due to multiple password changes, the thief is not. How is it that the web-based system locks out the legitimate person trying to rein security in, but that doesn't initiate a freeze on log-ins?
Moreover, while trying to use his secret question to grab things back, he's gotten notice that his account had been merged to a battle.net account, so now he doesn't even know what the username for his account is.
This is so ridiculously frustrating. We caught the security breach five minutes in and there is zero recourse available to us to freeze or secure what's going on. The GM ticket I submitted has not been addressed in over an hour, not that that's a surprise.
Obviously, tomorrow he'll have to call in and begin the weeks-long process of getting his account straightened out.
He doesn't buy gold. He haven't given his account information out to anyone. He doesn't use any unusual plug-ins. A scan of his computer doesn't show anything unusual virus-wise.
Given that most of the accounts that get hacked surely happen after hours when hackers can expect people to be in bed, what exactly is the recourse available to account holders like us in situations like these?