Because law enforcement, bank fraud departments and credit card agencies give very little shits about what is probably one of the most common crimes most people experience (ever known anyone carjacked or robbed at gunpoint? probably not - how many of your relatives over 50+ have had their identity stolen or card misappropriated?).

So they probably dragged the poor sap through the mud for almost two years before the disputed fraudulent transaction was tracked down, confirmed, reconfirmed, the bank decided it kinda sorta *maybe* cared after it got it's money back etc etc etc...

... and it took all that time to FINALLY address the crime to the point that the "stolen goods" were recovered (in this case, the key bought with a stolen credit card).

We *seriously* need to invest in better cyber-crime protection / prevention. It's so hard because often you're dealing with massive data breaches, international borders, obscure transactions God knows where on the web etc etc etc. So these people never get tracked down because it's hard for the "local" institutions to do it, it's expensive, and no one wants to claim jurisdiction because they don't know HOW to solve the crime, WHERE to find the perps and frankly don't care about the sums involved...

... which is why they've become so brazen in the US that they feel comfortable locking down major municipal systems for money (hospitals, govts, schools, utilities etc). Hopefully THAT gets someone's attention, but for now, ID / credit card theft - despite the damage it does to so many people, falls into the category of "not my problem, don't care, can't fix" ...

... except sometimes when it DOES get "rectified" ...

...

... 2 years later...

Until you're looking for something, it's easy to not notice it's missing.

Regardless it's all in the SQL database that only a handful can access to investigate.

Yup, well said.

Ohhh man, really sorry to hear it :/
It happen to me once and I know how terrible it is.

Yeah, oh well - my bad. I hope the poor soul that lost their credit card got their money back at least.

In that case, you might want to update your automatic and boilerplate replies. Here is part of a message I got for my ticket only two days ago:
"Please be aware that we are currently experiencing heavy support traffic, therefore response times are higher than usual. We appreciate your patience and understanding."

Won't help you much right now - but at least CP2077 has become much cheaper recently whenever it is on sale ... so the best way to solve this issue for goos might be to purchase it officially again here on GOG when it is on sale again. It hurts, I know (depending on the price you paid originally already) but you learned a lesson (the hard way) and probably won't use resellers again which will protect you in the future from experiences like this (zjose problems are not unknown with reseller so yes, you should avoid them like the pest).

Yep, who burned with boiled milk, see a cow and cry.

Interesting, at the time of my original post I got a response within 12 hours, which was informative and friendly. Hope your issue gets sorted.
Yup! It's okay, lesson learned :D
Interesting, I've never heard that expression before. Does it mean what comes around, goes around?

And out of curiosity, what language did it originate from?

It's from spanish, it means when you have a bad experience you will always remember it, after the key was revoked, I never purchase a game in a Keyreseller page, no matter if it is cheaper.
The correct translation is this: the one who got burned with milk, sees a cow and cries.

Where did you buy it?

Your achievements are still in your profile, so I suppose one of your 3 games should still be CP2077. Go here on your browser:
https://www.gog.com/en/account

Do you see CP there?

Ahh, interesting and very true - thanks for the explanation! :)

I enjoyed learning this. You never know when you're going to stumble upon a new perspective or phrase, I guess.