Zenimax policy on hacked accounts

zaria

rustic_potato wrote: »

It is on the end user to protect the account. Not the dev. If ZOS started refunding stolen items that could be exploited pretty easily. So the current model for handling hacked accounts seems reasonable.

So why do WOW do it as an routine support task?
Yes it might be possible to exploit, note mailing the stuff from your account to somebody else and then report your account hacked would not be an good idea for the recipient of the mail. Again you can launder stuff by multiple accounts but this will be expensive if done once and have fun claiming you get hacked the 3rd time.

Issue for ZoS is that some who get hacked and deleted is likely to uninstall the game.

PlagueSD

lordrichter wrote: »

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

This statement sort of reads like it is always the fault of the account holder, and there is more to it than that.

Here's what I think happened. User got their email hacked...which gave the hacker the ability to log in to the game (assuming the user also used the same email and password for game access). Hacker logged in to email, changed password, and then logged into the game. Since email password was changed, user didn't get a notification since his credentials were no longer valid.

Hopefully no one is using a Yahoo account for their games...It's been verified that ALL yahoo email accounts have been compromised.
http://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html


Moral of the story:
Don't use the same email address to log into the game as you do to post on social networks.

Takes-No-Prisoner

Tandor wrote: »

Graydon wrote: »

If Zenimax is hacked and compromised, then ZOS is liable.
If a player’s account is hacked, then the player is at fault and liable.

Simple Pimple.

PSA - stop downloading p0rn

Or installing cheat engines, other unsupported third party applications, or even obscure addons.

This also could of been the cause. Sound silly and unlikely? Probably, but it's definitely scary and wouldn't be hard to get someones account else where, once that data is stolen.

NewBlacksmurf

martinhpb16_ESO wrote: »

My post is not about how he got hacked it is about Zenimax policy of not restoring items from hacked accounts.

If you look through forum posts you will see a lot of speculation about how accounts get hacked. Some people say hacking is easy, some say its difficult.

The fact is that there are enough hacked accounts to demonstrate that hacked accounts are a genuine problem.

The issue is Zenimax's policy o hacked accounts. Other games refund the stolen items, why not ESO?

People have all their gold and materials stolen. Guild banks emptied and items deconstructed for mats. Everything gone with nothing restored.

Thats not good enough.

Standard Zenimax reply to hacked accounts taken from a forum post

Hello Again,

We cannot restore items that are lost due to an account being compromised.

We are willing to offer you a one time gold compensation in order to get you back to playing again.

Please review your account and provide us with what you believe to be a fair amount of compensation. I will then review your request and decide on a final number of gold to compensate the account with.

Again, please be aware that no items will be restored due to an account being compromised. We are only able to offer you a one time gold compensation.

Account security is ultimately up to the customer, so be sure to keep your account details secured at all times in order to avoid any intrusion to your account.

Not to be cold or anything but what another company does shouldn't be the logic or expectation we should apply to this game. Another important thing is that due to recent US news around Yahoo and Equifax compromises, millions or billions of customer information has been compromised.

I think we all agree that it would be nice if this game did things like another company whose given us a positive experience but, last I checked, there aren't a lot of positive customer experience posts regarding ZOS.
Its just something each of us has to live and learn......for me, that meant moving to never use ESO Plus and early on, when on PC, it meant loosing paid time when a subscription was required for over 90 days as a result of a major bug that forced my computer and many others to crash after 5 minutes of gameplay.

They did not offer any restoration or refunds, because....in their agreements, they didn't have to and I had agreed to it initially.

Tavore1138

PlagueSD wrote: »

lordrichter wrote: »

TheMaster wrote: »

The only way I could see someone getting hacked is if they literally give out their account or email password to someone. I don’t agree with ZOS’ policy, but I’m not exactly sweating sympathy for such ridiculous levels of stupidity.

This statement sort of reads like it is always the fault of the account holder, and there is more to it than that.

Here's what I think happened. User got their email hacked...which gave the hacker the ability to log in to the game (assuming the user also used the same email and password for game access). Hacker logged in to email, changed password, and then logged into the game. Since email password was changed, user didn't get a notification since his credentials were no longer valid.

Hopefully no one is using a Yahoo account for their games...It's been verified that ALL yahoo email accounts have been compromised.
http://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html


Moral of the story:
Don't use the same email address to log into the game as you do to post on social networks.

If you really want to be secure don't use the same password for your email that you do for the game or for the forums or for any other game or anything else where you care about your access. And try to change the ones that matter to you at least every few months.

You are honestly better off having them written down somewhere rather than using weak passwords or using the same one in multiple places - the chances of someone breaking into your house with the intention of stealing passwords is very small compared to the chance of having at least a couple of your passwords compromised by sloppy corporate security policies.