Star Trek Online

Star Trek Online (
-   Windows and General: PC, Network, and Other Technical Issues (
-   -   How many? (

silverline 05-01-2013 04:44 AM

How many?
PWE and STO account have been recently hacked?

I am careful, my OS, anti-virus, firewall & anti-malware software is all up to date.
I do not share passwords or give out my details to others.

Yet to today my STO account got hacked.

First sign was an email from PWE saying my email address for my account, had been changed at "my" request.

This was at 8:54am GMT, I swiftly reacted and despite getting control of my account back at 9:17am GMT. 3 of my 4 characters had been stripped of all EC, refined dilithium, my account bank emptied of EC and all the saved ZEN I had was gone.

I literally interrupted the guy in the act, as I was checking what had gone, I was de-friended by "@*******", an account handle I do not know.

I had saved over 60million EC up for a Tholian Recluse Carrier or Jem'Hadar
Dreadnought, still had not made my mind over which to go for.

I had over 7000 ZEN saved for when 'Legacy of Romulas' came out to buy a few ships.

my refined dilithium was bening saved for buying fleet ship and equipment.

ALL THIS now gone, and so is my enthusiasm for playing STO.

EDIT account handle removed, since suspicion not proof.

intrepid74656 05-01-2013 05:12 AM

Maybe you can contact PWE/Cryptic so they can restore your account but I doubt they will do anything.

grouchyotaku 05-01-2013 08:39 AM

Sorry for your lose, but these days, most account hacks occur due to malicious 'Flash' or 'Java' banner adds with 'keylogger' functionality. The best advice is to avoid using your Browser when you play STO.

Cryptic/PWE does have the ability to roll back accounts, so you should send a support ticket or contact Support with 'Account Hacked' as the subject...

silverline 05-01-2013 09:48 AM

I run NoScript on my browser, which stop any adverts like that.

sollvax 05-01-2013 09:51 AM

Zen has a cash value
this is therefore a criminal offence
I suggest you contact the authorities

alastairnall 05-08-2013 07:44 PM

Same thing happened to me, it seems roughly an hour or two before it happened to the OP. It took them a day and a half to lock my account, by which time it was far too late. Then it took them another three days to unlock it once I verified my identity. I'm still waiting to see if they're going to restore all the stuff that was taken or destroyed. Been about two and a half days since their last reply.

I think the worst part of it is how easy PWE makes it for somebody to steal. I can't speak for the OP, but the fact that the thief was able to change the email address on the account (in both of these cases it seems) with no confirmation needed from the real account holder or registered email address, thus bypassing any safeties of the "Account Guard" system they have in's just insane.

xcom43 05-08-2013 08:06 PM

I really Hope the account system is not hacked again.

You need to change passwords like once a month or every 6 months.

Another thing i don't get is how they got into the system when it has a account guard sent to your email so may be your email has been hacked as well might want to change that password as well.

disposeableh3r0 05-08-2013 08:33 PM

Seeing as accountguard also asks you to verifiy every time you use a different computer I would check my varification list.

This can be accessed through the my account link then clicking on the accout guard icon.

It will show a list of every borwser/computer verified with an ip address. As well as if account guard is enabled/disabled

disposeableh3r0 05-08-2013 08:50 PM

So just for fun I changed my assigned email.

It was prety easy.

All I had to do was enter my password once and click a confirmation in the new email.

But I dont think PWE can do much about it since it all revolves around a compromised email account.

grouchyotaku 05-08-2013 09:14 PM


Originally Posted by silverline (Post 9570411)
I run NoScript on my browser, which stop any adverts like that.

Though, of course, this would be useless if the link to the malicious script was embedded in the webpage itself.. This happened once to the Fleet Website I visit, and was quickly detected by Google search. Took a couple of weeks to clean up that mess...

All times are GMT -7. The time now is 11:22 AM.