Go Back   Steam Users' Forums > Steam Game Discussions > Q - S > Star Trek Online

Reply
 
Thread Tools Display Modes
Old 04-25-2012, 04:50 PM   #1
damaged
 
Join Date: Jul 2008
Reputation: 8656
Posts: 7,266
Just got this: Important Cryptic Studios Account Notification

Quote:
As a result of routine security checks and upgrades, we have discovered that certain of your account information, including your password, may have been accessed by an unauthorized party.

For your security, we've reset the password on your account. You can recover your password via the "forgot password" link on the official Star Trek Online or Champions Online web sites:

https://www.startrekonline.com/user/password
https://www.champions-online.com/user/password

If you have used your account name and password for other accounts, especially financial accounts or accounts with personal information, you should consider changing your password on other services as well.

For full details on the unauthorized access, please read the notification here.

Apologies for the inconvenience.

Customer Service
Cryptic Studios

*sigh* Yet another company that lacks proper security auditing practices.

More on this: http://www.crypticstudios.com/securitynotice

Last edited by damaged: 04-25-2012 at 04:53 PM.
damaged is online now  
Reply With Quote
Old 04-25-2012, 05:19 PM   #2
ensure
 
 
 
Join Date: Oct 2010
Reputation: 16
Posts: 42
i dont have an account an i received this, i think is a scam, i go to the original site i try to recover my password here https://register.perfectworld.com/account/forgotid
and got this
The email address you provided is not linked to a Perfect World account. If you feel this message is in error, please contact us at customerservice@perfectworld.com.

dont use any link on that email, just go to the site using google and reset your password there for safety
ensure is offline   Reply With Quote
Old 04-25-2012, 05:23 PM   #3
damaged
 
Join Date: Jul 2008
Reputation: 8656
Posts: 7,266
Quote:
Originally Posted by ensure View Post
i dont have an account an i received this, i think is a scam, i go to the original site i try to recover my password here https://register.perfectworld.com/account/forgotid
and got this
The email address you provided is not linked to a Perfect World account. If you feel this message is in error, please contact us at customerservice@perfectworld.com.

dont use any link on that email, just go to the site using google and reset your password there for safety
It's not a scam, you have to goto either, https://www.startrekonline.com/user/password
or https://www.champions-online.com/user/password, enter the email, then you have to select the Cryptic radio button, the Perfect World button is selected by default.

Remember this is for the Cryptic users (you registered before PW took over), not perfect world users.

Also, I copy pasted the urls (https://www.startrekonline.com/user/password and the other) from the email, did not click on it, only idiots do that.

Also, if you bothered to go here: http://www.crypticstudios.com/securitynotice

You would see it is not a scam.

Last edited by damaged: 04-25-2012 at 05:28 PM.
damaged is online now   Reply With Quote
Old 04-25-2012, 05:35 PM   #4
ensure
 
 
 
Join Date: Oct 2010
Reputation: 16
Posts: 42
Quote:
Originally Posted by damaged View Post
It's not a scam, you have to goto either, https://www.startrekonline.com/user/password
or https://www.champions-online.com/user/password, enter the email, then you have to select the Cryptic radio button, the Perfect World button is selected by default.

Remember this is for the Cryptic users (you registered before PW took over), not perfect world users.

Also, I copy pasted the urls (https://www.startrekonline.com/user/password and the other) from the email, did not click on it, only idiots do that.

Also, if you bothered to go here: http://www.crypticstudios.com/securitynotice

You would see it is not a scam.

you are right , i try with cryptic option and its works with my email(i dont remember creating an account...)
but the problem its gmail that put it in spam emails everytime you try reset your password
ensure is offline   Reply With Quote
Old 04-25-2012, 05:42 PM   #5
damaged
 
Join Date: Jul 2008
Reputation: 8656
Posts: 7,266
Quote:
Originally Posted by ensure View Post
you are right , i try with cryptic option and its works with my email(i dont remember creating an account...)
but the problem its gmail that put it in spam emails everytime you try reset your password
Just mark it not spam, if you have to, you can create a filter for it and check 'Never mark as spam".

See here for more info: http://support.google.com/mail/bin/a...en&answer=9008
damaged is online now   Reply With Quote
Old 04-25-2012, 05:42 PM   #6
Browncoat1984
 
Join Date: Jan 2009
Reputation: 11
Posts: 374
This makes me so angry. 1) that hackers stole their information in 2010 and they didn't bother telling us they were hacked until TWO YEARS LATER

2) They just went ahead and reset everyone's password. I changed my password LAST YEAR - I should not have had to have my password reset. Had they bothered to check that, they would have seen that.
Browncoat1984 is offline   Reply With Quote
Old 04-25-2012, 05:48 PM   #7
damaged
 
Join Date: Jul 2008
Reputation: 8656
Posts: 7,266
Quote:
Originally Posted by Browncoat1984 View Post
This makes me so angry. 1) that hackers stole their information in 2010 and they didn't bother telling us they were hacked until TWO YEARS LATER

2) They just went ahead and reset everyone's password. I changed my password LAST YEAR - I should not have had to have my password reset. Had they bothered to check that, they would have seen that.
I hear you, they need to start making laws, so that companies will be be criminally charged for this as well as the hackers, maybe once they thought they'd have to serve a prison sentence, they'd start giving a about their customers security.
damaged is online now   Reply With Quote
Old 04-25-2012, 06:02 PM   #8
Browncoat1984
 
Join Date: Jan 2009
Reputation: 11
Posts: 374
When PSN was hacked in 2011, when Steam was hacked, when virtually ANY OTHER game/service I use was hacked in 2011 we were notified of it almost immediately, okay in the case of PSN it was like 2 weeks or something but Sony knew about it and just didn't tell us.

Cryptic doesn't tell us until TWO YEARS after the fact.

Then they just decide "well, we better reset everyone's passwords!" Not bothering to check if said passwords had even been reset since then. I actually went through and changed EVERYTHING (important at least) I was using to a random password with upper case/lower case/numbers/symbols that I have saved in case of stuff like this happening, this was right after the round of hackings in April-June 2011 to be safe. So my CURRENT password should have been unhackable, but they still reset it.

And on top of that, if I had actually been IN GAME at the time that it had happened, it would have booted me out. Good thing I wasn't in game doing any important group stuff or anything!

How this should have been handled - well, first Cyrptic should have had a secure enough system in place in the FIRST place but given how much hacking went around the Internet last year that's forgivable. BUT they should have had a crack security team on this from day ONE and getting it fixed, NOT two years later.

Then, when they decided that people should change passwords, instead of just saying "we decided to reset everyone's passwords" they should have sent an e-mail saying "should you like to reset your password, you can use the reset password field."

Seriously, Cryptic, that was two years ago. If my password was stolen don't you think my account would've been hacked LONG before then?

Any other MMO company would have been on top of this I bet, from Ultima Online to TOR. When you deal with so many accounts that contain personal data like CC's and addresses, you NEED to and the fact that Cryptic wasn't is VERY disturbing.

Thankfully both my CC and my debit card expired in 2011, so if they DID have that info, they wouldn't be able to use it at all.

That being said, this makes me want to play the game even less. I'm currently boycotting it because of the whole stupid lockbox thing and now this...I'll stick to playing TOR for the time being.

This thing was handled poorly, both in the investigating aspect and in how they deal with it in response to their customers.
Browncoat1984 is offline   Reply With Quote
Old 04-25-2012, 07:27 PM   #9
rdcmrt
 
Join Date: May 2010
Reputation: 6
Posts: 100
WTF, I'm not even registered at the games they send in the email.
Never registered and never played these games!? and never even played any game they made.
What the hell is this email.

Last edited by rdcmrt: 04-25-2012 at 07:37 PM.
rdcmrt is offline   Reply With Quote
Old 04-25-2012, 09:19 PM   #10
Moes
 
Join Date: Jul 2010
Reputation: 23
Posts: 118
They did a mass reset, which is easier then having to manually check every account, because possibly they do not have a piece of software on the backend to check for dates like what some of you have described.

So they mass make everybody do it.
Moes is offline   Reply With Quote
Old 04-25-2012, 09:45 PM   #11
rdcmrt
 
Join Date: May 2010
Reputation: 6
Posts: 100
Ye, I get that but my question is. 'how do they have my email adress if I never subscribed or registered at them?
rdcmrt is offline   Reply With Quote
Old 04-25-2012, 09:50 PM   #12
damaged
 
Join Date: Jul 2008
Reputation: 8656
Posts: 7,266
Quote:
Originally Posted by rdcmrt View Post
Ye, I get that but my question is. 'how do they have my email adress if I never subscribed or registered at them?
Did you ever register at perfect world, or sites of any of the games they bought out?
damaged is online now   Reply With Quote
Old 04-25-2012, 10:45 PM   #13
rdcmrt
 
Join Date: May 2010
Reputation: 6
Posts: 100
No, as earlier stated i did not. I do not own one single game they released.
I'm not the only one who's getting this email while never bought their released products or registered at one.
rdcmrt is offline   Reply With Quote
Old 04-25-2012, 10:48 PM   #14
damaged
 
Join Date: Jul 2008
Reputation: 8656
Posts: 7,266
Quote:
Originally Posted by rdcmrt View Post
No, as earlier stated i did not. I do not own one single game they released.
I'm not the only one who's getting this email while never bought their released products or registered at one.
Dunno what to tell you then, maybe they bought a list or exchanged with another company, do you have a facebook account?
damaged is online now   Reply With Quote
Old 04-25-2012, 11:37 PM   #15
rdcmrt
 
Join Date: May 2010
Reputation: 6
Posts: 100
No, don't have Facebook either, especially for the reason they sell info to thirt parties.
rdcmrt is offline   Reply With Quote
Reply

Go Back   Steam Users' Forums > Steam Game Discussions > Q - S > Star Trek Online


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT -7. The time now is 04:58 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site Content Copyright Valve Corporation 1998-2014, All Rights Reserved.