Compromised Accounts - Update | EVE Online

Compromised Accounts - Update

2006-01-30 - By Svarthol

As many of you remember, a number of accounts were compromised about three weeks ago. The source which enabled this was very old, from an old test cluster, resulting in mainly older accounts being compromised. This was the reason for us resetting passwords for a number of users at that time. Billing information was never at risk.

Many of the players we asked to change their passwords then changed them back to their old passwords or changed nothing but caps, which resulted in further accounts being compromised.

Our security systems now no longer allow people to change their passwords to the same password they are changing from and two days ago we reset the passwords of all the accounts which had changed their passwords to the same ones, or not changed them at all.

We are now implementing stronger security measures on all fronts, strengthening server and client security and making sure old equipment isn't being reused in lower security zones. We will also force regular password changes, require a certain level of complexity in passwords, raise encryption levels across the boards and so on.

However, we can not emphasize this enough - never give your password out to anyone. Don't use your game login on third-party forums or applications, and remember - we will never ask for your password! (Ironically, macro applications are the worst culprit in account hacking).

Quite a few of the recent cases are due to "conventional" hacking and are not connected to the incident three weeks ago. These are pretty much business as usual, since they do not involve any compromise on our side. We know that these cases have fuelled rumours about the original incident, but we are not in a position to discuss any details of the original incident.

We encourage you to contact customer support if you believe your account has been compromised. However, as a result of the previous situation, the load on customer support is still high and there are still people that haven't had their cases resolved.

We sincerely apologize for the inconvenience this incident has caused and want to ensure you that we are taking full measures to strengthen everything on our end to prevent this from happening again.