Thursday, January 28, 2010

My (Inactive) Aion Acct Got Hacked... Seven Times.

This is kind of old news, so I'm not going to go into some huge thing here, but I had heard about some NCsoft account wonkiness whereby logging into your account on the NCsoft site would sometimes (whoops!) have you show up at someone else's master account page, whereby you're free to edit anything you want. NCsoft denied it at first, then 'commented on the allegations', then apparently bumped up security on their account pages (for no reason, right?).

The reason I didn't comment on it before was because I don't really play CoH, Guild Wars, or Aion anymore. I have a Guild Wars account... somewhere... and Aion got bought, activated, and then I let that first month die out. I've been wrapped up in a lot of other stuff, and aside from random heroics now and then in WoW, I don't have a lot of time to play a lot of games.

Then I saw in gmail that my account for Aion got literally gang banged one night. The poor little thing got bent over a barrel in cyberspace and violated 6 times in the course of an hour:

Oh, ixo! Don't show them the name of your NCsoft account! You should blur that out in the image!

Yeah, I'm getting to that...

Again, I don't really use my NCsoft account for anything, so I just didn't bother responding, except some short email along the lines of 'yeah I got hit 6 times last night, lol? might wanna look into that'. I got some standard email form back from them that I'm sure a human didn't type, so I pretty much ignored it.

Then I got whacked again (once), and it was all too ridiculous.

There's bascially two things I'm writing this post for (okay, three), and none of them have to do with crying over my lost Aion/GW account.

1) THE ATTACKS DID NOT COME FROM CHINA. I feel like I need to go out of my way to emphasize this one after living in Asia, because everyone thinks that all of China is hunched over laptop keyboards, hacking our dollars into the sky like those ridiculous units the Chinese Army used in C&C Generals. Using the online VisualRoute (think: traceroute) Demo, I could see the gangbang actually originated from Germany, and the day after one-shot came from Los Angeles.

2) NCsoft is demanding no less than 6 pieces of information from me to 'prove' I'm the real account holder:

-- What first and last name did you use when you created the account?
-- What physical address did you use when you created the account?
-- What date of birth did you use when you created the account?
-- What are the 20-digit serial codes for all games you added to the account?
-- What is the Unique Account ID for all the game accounts you added to the account? (This was sent to you via e-mail on the date your game account was activated with a subject header of 'Game Account Activated'.)
-- What are the last 4 digits of the credit card or the 20-digit game time code originally used to activate the account?

I don't remember my Unique Account IDs, I kinda thought that was the point of having a master account. I bought GuildWars FOREVER ago, and most certainly don't have the serial number anymore. Again, kinda the point of having a master account, right? I also was using a different email address way back then for a company whose mail servers have effectively been shut down. I probably had a different credit card as well, as I used to bank with Bank of America, then, you know, moved to Japan and figured I wouldn't need the lame line of credit BofA was offering me.

They certainly didn't make the person hammering the account page provide any information, but when a legit request comes through, they make me fill out forms in triplicate. I sent a short email back saying that since the 'your shit got hacked' emails were coming to this gmail address, and since gmail's security isn't as lame as theirs, doesn't that kind of prove I'm me? I'd probably be better off figuring out how Germany and Los Angeles hacked me in the first place, and then just hammering the account page until mine came up in the roulette wheel. It's all pretty silly, and not worth the hassle.

Aion was interesting for the hour or so I played it, and GuildWars to me is like playing Diablo1. I know a lot people still like GuildWars, and there's an entire country in Asia that still plays StarCraft in 800x600. I'll wait for GuildWars2, and if it looks like it's worth checking out, then I'll just make a new account.

Which brings me to...

3) I wonder how many people that love Guildwars/CoH/Aion are just sick of putting up with all this shit from NCsoft account security, filling out these forms, having their PWs reset, only to get hacked again the next day, THROUGH AN OPEN FLAW ON NCSOFT'S END, and are just throwing up their arms and surrendering?

It's ridiculous. There's losing subscribers because your game sucks, but how many games can say they lost happy customers because they couldn't build a proper account webpage?



Gonzo said...

I play guildwars off and on but i havent checked my account in a while i wonder what happened to it :(

Vordan said...

I bought guild wars, played it for maybe 5 hours, this was mind you like 3 years ago, and well I have since forgot the name and password of my account. It wasnt worth remembering.

Jong said...


ncsoft executives should read this post.

I'm shorting KRX right nao!

Khatib said...

Haha, welcome to my world man:

Anonymous said...


You think you got it bad.

My Aion account got hacked too!

Well so the emil said...

The one give away that it didn't actually get hacked was...

I don't have an Aion account... Never played it.

Taemojitsu said...

According to a poll on, most people who've been hacked used the same login and password for multiple sites. Aionsource itself had its password db stolen a few weeks ago, so hopefully you weren't registered there. You might want to read this post by relatively well-known Scott Jennings on the topic of account security:

And make sure you have up-to-date Flash, Adobe reader, OS security updates, etc...

nugget said...

A friend's Aion account got hacked too - with even more hilarious results.

Apparently, he was very poor from PvPing a lot before he unsubscribed. (His account was also, incidentally, inactive when it was hacked.)

Apparently the hackers took one look at his account, went HMMMM this guy is a pauper, but he's a decently done up pauper...

...and went massively massively gold farming with his toons. Then started selling the gold.

He only found out he got hacked because NCSoft then blocked his account for... suspicious activity.

After finding out why, he went to Aion's version of the Armory, and looked at all his toons. Not only did they still have their stuff, one of them gained a level. XD

The only sad thing is he and I are die-hard GW fans, and until NCSoft clears up this whole mess, we can't play together anymore :(

Anonymous said...

And to work, boring day began, oh, my God! A friend recommended I play this games aion kinah, do not know fun or not fun. Alas! Who fun game message to me. Thank you!