Today I received an e-mail that my password for the GOG.com account got changed. I immediately checked it out and was unable to login anymore. Apparently, the e-mail also got changed to "sekon.hand@yandex.ru". I already sent a support ticket, but haven't gotten any answer yet.
I realize it's not only Sunday, but a holiday as well, but I hoped that there was at least some kind of support available for emergencies such as this. I'm creating this topic in hopes that a bluetext sees this and is able to help me.

PS: I apologize if there was any kind of harassment or spam under my name.
Well, first of all, find a clean PC (not yours and not one you don't trust) and change all your account passwords. If they got your GOG password, it might have been with a keylogger or a trojan.
Fesin2: <snip>
It is unfortunate, I'm afraid there have been cases here in the past where Russian email accounts have stolen GOG users' identities. They don't tend to post on the forums, so no worries there. They also cannot purchase anything using your money, so you need not be concerned there. Unfortunately it just means waiting for support to restore your account.

I've never really understood what they're gaining from this, perhaps others can explain the profit?
Fesin2: <snip>
wpegg: It is unfortunate, I'm afraid there have been cases here in the past where Russian email accounts have stolen GOG users' identities. They don't tend to post on the forums, so no worries there. They also cannot purchase anything using your money, so you need not be concerned there. Unfortunately it just means waiting for support to restore your account.

I've never really understood what they're gaining from this, perhaps others can explain the profit?
Now GOG allows you to save your CC for later use, so I guess they can buy games if he's done that. Unless it asks for the safety number. I'm not sure.
Post edited March 27, 2016 by sunshinecorp
sunshinecorp: Now GOG allows you to save your CC for later use, so I guess they can buy games if he's done that. Unless it asks for the safety number. I'm not sure.
Really? Why the hell did they do that? It's always been one of their key security points that they keep minimum info on you.

Roll on the steamification of GOG.
sunshinecorp: Now GOG allows you to save your CC for later use, so I guess they can buy games if he's done that. Unless it asks for the safety number. I'm not sure.
wpegg: Really? Why the hell did they do that? It's always been one of their key security points that they keep minimum info on you.

Roll on the steamification of GOG.
They don't actually keep the CC details, just a token. So it probably does ask for the pin. But I don't really know. There's an official thread about it, I'm sure it explains how it works. It's only an option, you don't have to do it.
https://www.gog.com/forum/general/store_your_card_for_later_use_e870c
Post edited March 27, 2016 by sunshinecorp
sunshinecorp: Now GOG allows you to save your CC for later use, so I guess they can buy games if he's done that. Unless it asks for the safety number. I'm not sure.
wpegg: Really? Why the hell did they do that? It's always been one of their key security points that they keep minimum info on you.

Roll on the steamification of GOG.
Ah yes, don't start that one. There are threads where this is discussed, unfortunately it seems there are a majority who either buy so many games, or are unable to type a few numbers each time that got this put in. You will note a checkbox under the order for "store this card", just avoid it, it's not compulsory yet.

As for hijacking accounts, well they could download all the games from the account. Was hoping they would bring in 2 step authentication for account changes. Unfortunately they have taken this to mean that every operation from logging in etc. now has this for those of us security minded enough to set privacy options on the browser - yes that's right, security done via cookies - utter madness - so I don't expect much uptake of it which is a shame as if it was the necessary areas then I would be all over it, and it would avoid these hijacks.
sunshinecorp: So it probably does ask for the pin. But I don't really know.
During my insomnia purchases, it did ask for the CVV the first time I used the token, but it didn't the rest. Not sure if it was because I was on the same IP or because it was within 24 hours of the previous purchases, and I haven't bought anything else yet, so not sure how often they'll ask for the CVV.
nightcraw1er.488: Ah yes, don't start that one. There are threads where this is discussed, unfortunately it seems there are a majority who either buy so many games, or are unable to type a few numbers each time that got this put in. You will note a checkbox under the order for "store this card", just avoid it, it's not compulsory yet.
Fair enough, I'm not active on this site anymore, so missed all this. I am just sorry to see it happen, but I am sure it was discussed in full.
nightcraw1er.488: As for hijacking accounts, well they could download all the games from the account. Was hoping they would bring in 2 step authentication for account changes. Unfortunately they have taken this to mean that every operation from logging in etc. now has this for those of us security minded enough to set privacy options on the browser - yes that's right, security done via cookies - utter madness - so I don't expect much uptake of it which is a shame as if it was the necessary areas then I would be all over it, and it would avoid these hijacks.
All games are available on TPB, there's no difficulty in getting hold of GOG games, no need for such extreme measures as hijacking an account. I don't believe this is the value.
wpegg: All games are available on TPB, there's no difficulty in getting hold of GOG games, no need for such extreme measures as hijacking an account. I don't believe this is the value.
Apparently some people are re-selling hijacked accounts, games included, to people who aren't aware that there's anything fishy going on. It's basically like those game code resellers, just taken to the next level.
Fesin2: Today I received an e-mail that my password for the GOG.com account got changed. I immediately checked it out and was unable to login anymore. Apparently, the e-mail also got changed to "sekon.hand@yandex.ru". I already sent a support ticket, but haven't gotten any answer yet.
I realize it's not only Sunday, but a holiday as well, but I hoped that there was at least some kind of support available for emergencies such as this. I'm creating this topic in hopes that a bluetext sees this and is able to help me.

PS: I apologize if there was any kind of harassment or spam under my name.
At least most of the other times this has been done (and posted publicly on the forums) was to buy gift copies of games with stolen credit cards and resell them on places like G2A or Kinguin. An account now has to be a certain age to buy gifts from my understanding.
Fesin2: I already sent a support ticket, but haven't gotten any answer yet.
GOG takes off holidays and has something like half the staff on weekends. They'll respond by Monday.

The reason accounts get hijacked is money laundering. They want to use other people's accounts to make fraudulent purchases with stolen cards so that it's harder to track them. But how they get access to accounts like yours is still a mystery and unresolved security issue. One does not simply lose their account out of the blue.
Fesin2: I already sent a support ticket, but haven't gotten any answer yet.
MaximumBunny: GOG takes off holidays and has something like half the staff on weekends. They'll respond by Monday.

The reason accounts get hijacked is money laundering. They want to use other people's accounts to make fraudulent purchases with stolen cards so that it's harder to track them. But how they get access to accounts like yours is still a mystery and unresolved security issue. One does not simply lose their account out of the blue.
Usually two avenues. Trojans/keyloggers, or stolen passwords from other sites with poor security which are sold on a black market. The first is hard to stop as new vulnerabilities pop up all the time, but good firewalls and sticking to "safe" sites should help. The second is avoided by using different passwords everywhere.
Okay, so I got Judas on my case who informed support, so I'm very hopeful. Thanks guys!
sunshinecorp: Well, first of all, find a clean PC (not yours and not one you don't trust) and change all your account passwords. If they got your GOG password, it might have been with a keylogger or a trojan.
Good idea! Switched PC and running anti-virus on main PC now. Thanks!
wpegg: It is unfortunate, I'm afraid there have been cases here in the past where Russian email accounts have stolen GOG users' identities. They don't tend to post on the forums, so no worries there. They also cannot purchase anything using your money, so you need not be concerned there. Unfortunately it just means waiting for support to restore your account.

I've never really understood what they're gaining from this, perhaps others can explain the profit?
Yeah, that's not really what I'm worried about. But I got a couple of gift codes for the Community Giveaway. They probably used those, I'm thinking. But well, let's see.

And of course, I'm worried about my security as a whole. I have no idea where I could have picked up a trojan. I'm usually pretty careful.
Fesin2: I already sent a support ticket, but haven't gotten any answer yet.
MaximumBunny: GOG takes off holidays and has something like half the staff on weekends. They'll respond by Monday.
Tuesday. Monday is still a holiday, I think. It is here, anyway.