Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Account Compromise; Clear Up Rumors?

Forum Avatar
Shibboleth
#0 - Jan. 26, 2010, 6:02 a.m.
Blizzard Post
So my account was hacked yesterday at 4a or so and I've begun the process of hopefully restoring it. I'm the guildmaster of the largest guild (as far as I'm aware) on the realm with about 600 characters. Easily 100 unique people log in every day. But I don't know what to tell them. Hoping this post will get the attention of a caring blue.

I've secured the account, added security to my computers, and added an authenticator (should have done that a long time ago and I'm asking my guild officers to do the same right now, although most have one already).

But in reading these forums and other sites, there are a lot of rumors and horror stories, and I just don't know what to tell my guild.

Some rumors that I've heard, and hopefully they are not true.

I've read on wow dot com that the account support person that I talked to today *could have restored my account, but apparently for some reason did not want to, or possibly is encouraged by management not to. Could this possibly be true?

Then I read that after a few days wait I'll get an email that I have to respond to or I'll be given gold and a couple lousy frost emblems instead of an account restoration. This would hardly replace my multiple toons with chest pieces that cost 95 frost emblems, and would be useless to my guild whose bank was pilfered for several thousand gold and several more thousand in items that we were storing. Wow dot com suggests that this is a policy to lessen the workload, and that if I don't take the deal (that is if I'm quick enough to respond "no" to the offer) that I'll be placed back in a queue that could take anywhere from a few days to several weeks to be restored? Really?

Elsewhere I've read that the account restoration specialist that investigates the situation decides if in their opinion the customer had some responsibility that they can pick and choose what to restore and what not to restore? I'm really hoping that the thousand+ hours that I've put into the game could not be just discarded like that. This can't be true, right? And what about the guild, their loot was in the vault too, even if I were careless (which I'm not) it would not be right for them to suffer too.

Then I've been told and have read that staff can request notorized documents and ID verification that can take days to weeks to obtain, mail, examine, and verify... even though my identity was verified in a few seconds with my secret question on the telephone today when I called to restore my password. I'm really hoping this isn't true, but a guild member told me this horror story today.

I'm not looking to bash the staff or policies here, but I have a lot of guild members and I don't know what to tell them to expect. I'm hoping a sympathetic blue will catch this post and clear up the rumors that are going around. Another guild on our realm was recently hacked and I understand that their situation had a happy ending very quickly, which does not jive with these rumors. But my ticket to talk to a GM is now getting old and growing a beard, and I haven't heard anything, so I don't know. My guildies of course want to know when we can raid again, when and if the guild vault gold and loot that they were saving collectively can be restored, and what would happen to them if they got hacked by a keylogger or phishing scam.
Forum Avatar
Orlyia
#18 - Jan. 26, 2010, 7:47 a.m.
Blizzard Post
I do see this as reported on 1/25 and sent along to investigations, Sibboleth.

It will likely be a few days before you hear from a Specialist.

I also see where they tried to transfer 3 characters, which we've locked down.

This can all be sorted out, but it will take a little time. Restorations are not all created equal, a lot also depends on our volume at any given time - as well as the nature of the investigations and what was done during the compromise on turn-around time.

If you should be offered a compensation package, you are perfectly welcome to decline it. Not everyone qualifies for even that offer -so don't worry if you don't see one.

While all this is being sorted, especially since your guild is so large, please....please have a meeting with your membership and impress upon them how vital security is to prevent this from happening and interrupting their gameplay. Pass along information on the authenticator and encourage any that do not have one, to get one.

I do wish you all the very best.