What's funny is, SE reset your passwords before if it was unsuitable for being 'secure', e.g too short or stupid like 'the' or 'password'.
So I wouldn't be surprised if they reset it again.
What's funny is, SE reset your passwords before if it was unsuitable for being 'secure', e.g too short or stupid like 'the' or 'password'.
So I wouldn't be surprised if they reset it again.
Got in contact with SE customer support today, and had my account restored to me.
When I logged in, my character is definitely on Asura (when he was on Diabolos), missing everything sellable he had on him. He's now sitting in mount zhayolm with like 15 stacks of pickaxes.
Currently waiting on a GM response.
Sovereign I am sorry to hear about your character, sounds like they put him/her into hard slave labor .
What exactly happened before you logged in?
Did you scan for viruses? (if not you should)
Are your other characters like your main on same account ok?
Do you have token?
I will recheck to see if I missed anything in your other posts.
I wish you the best of luck with the restoration!
Official Site:
Important Notice Regarding your PlayOnline ID(s)
Thank you for your continued support of PlayOnline and FINAL FANTASY XI.
As a result of an attack on our computer network, there is a possibility that information pertaining to some users has been compromised including the PlayOnline ID, PlayOnline password and certain other details obtained during registration. We have taken measures as soon as the attack was detected, and have limited the potential breach of information.
If you have linked your PlayOnline ID to a Square Enix Account, your account will be safe due to the nature of the information possibly breached. Please be assured that sensitive information such as your credit card number has not been compromised.
To prevent any misuse from accounts potentially compromised during this incident, we have changed the PlayOnline password for all those affected. We will be sending the new PlayOnline password to you by regular mail to the address registered in our records. We apologize for the inconvenience, but you will be able to login to PlayOnline using this new password. We have also sent out details on how to reset your password through our Information Center to those with a valid e-mail address, during the early hours of June 4th.
Those who can still login to PlayOnline using their current password are unaffected by the contents of this e-mail.
Please note: Square Enix employees will not ask you for your PlayOnline password regarding this incident. Please remain vigilant of any phishing attempts disguised as correspondence from Square Enix.
Thank you for your understanding, and we again apologize for any inconvenience caused.
Thanks Cairthenn, perhaps some one should post it in the official news thread as well..
@Soverign, looks like Cairthenn answered my question.
It's one of three accounts I have, and the specific account in question does not have a SE account, nor does it have a security token. It also only has this one character on it, no mules (though I'm not sure that's pertinent to the discussion).
My main account has both a SE account and a token, it was unaffected. A third account I own has an SE account, but no token, and was also unaffected.
I regularly scan my computer for viruses, of which I currently have none.
I hadn't logged into the account for about two days before this happened. I normally use it to camp long-duration HNM windows like Tiamat, Khim, Cerb etc or do some regular muling/powerleveling shit for my main. Last time I used him, I had logged him out near a tiger camp in Jugner [S] where I was using him to powerlevel Annihilator magian trials for my main.
@ Sovereign
Since you said there was no SE account on the one that got hit, it looks exactly like what is in that official notice that Cairthen posted.
I find this part of the official notice to be interesting:
I have never seen that option used before.We will be sending the new PlayOnline password to you by regular mail to the address registered in our records.
they can't verify you're you by using personal information that was downloaded by the attackers, so they need to approach you. i guess they felt for some reason snail mail was superior or more secure than email. what's upsetting from this data breech in addition to personal information being leaked (they'd better be coming clean if my name/address got jacked from their database...) is that if they're resetting passwords that means they store passwords in plaintext or some realistically reversible form. for shame, SE. learn how to handle passwords properly. a hint, unix systems have been doing it for decades now.
So this is what the anti-RMT business has lead to, RMT striking at the source because all other methods have been blocked... Scary part is how effective it apparently is... ._.
Hopefully another lesson learned for SE for the FFXIV -_-
I got the email and a call saying my account may have been compromised/targeted. I canceled the card i used to pay SE with and my MC is giving me problems getting a secure ID number so i am in limbo for a week til i get a new Visa Q_Q
I don't understand this. What lesson? If SE cockblocked them in most ways they have to go to drastic measures, there's no lessons to learn other than stop trying to prevent RMT or you'll get heavier attacks....?
I think the only people worried about snail mail are the ones who used fake info/refused to update said info/share accounts and the person registered moved/dumped you/etc.
Incoming shit storm from people who used a fake address to register.
Jumping through the hoops today in hopes of getting my account restored.
I had SE lock the account and am now having to fill out their Game Data Recovery Declaration thing... along with sending a copy of my photo ID. Assuming it'll take much more time than I had anticipated getting the account restored, and chances are I'll still be missing gil or items since I'm not exactly sure about the last date/time I logged him in.
Late, I know, but my account ended up getting the POL password on my account reset by SE. All you have to do is sit on web chat for ~30 minutes (at least that's what it was for me), verify the e-mail on the account, let them confirm it, and they'll send you the e-mail with your password in it.
Minor details from my last post:
- I have the account linked to an SE ID.
- I deactivated the one-time password a while back.
Chances are they won't ask you for registration codes, playonline id, credit card numbers, etc.