It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussion (archive)Change your Origin password(11 posts)(11 posts)
(11 posts)
Pages:
1
This is my favourite topic
Posted November 14, 2012
http://www.rockpapershotgun.com/2012/11/14/origin-accounts-hacked-maybe-change-your-password/
Rather than the phishing scam it might at first appear to be, these really are successfully changed account notifications. Which means someone has got hold of both a username and password of an account holder, and been able to circumnavigate the security that prevents an outsider being able to change such details. Because, as is mostly the norm, there isn’t any. I’ve just loaded my own Origin account, and when logged in all I need to do to change the password is know the old one. That done, the original account holder is locked out. Fairly standard, obviously.

And because your Origin account details are the same as those for your EA profile, with the same info you can log into profile.ea.com and change the email address too. The only security check to do that is, obviously, to enter the same password again. Doing this sends an email to your previously registered address, but contains absolutely no information about what it’s been changed to. So once someone’s been in and changed the details, you’ve no way of knowing what they’ve changed both your email address nor password to. They’ve got complete control of your account, and with that can even change your Origin ID.
If it's so easy to steal an account, with no easy means to take it back, then EA fucked up on the security side.
Post edited November 14, 2012 by Aningan
Posted November 14, 2012
I have not received any notification of any changes being made to my account but I'll change the password anyway. Thanks for the heads up.
I'm glad I started using KeePass for generating unique password for every account I use.
Posted November 14, 2012
done
Posted November 14, 2012
In this day and age...no man is safe

I dread to see the day when GOG is going to get hacked one day, if it happened to these gigantic companies, what chance does GOG have?
Posted November 14, 2012
avatar
Roman5: I dread to see the day when GOG is going to get hacked one day, if it happened to these gigantic companies, what chance does GOG have?
The hackers would probably run into some weird bug that keeps them from hacking the site properly.
Posted November 14, 2012
No email here... probably gonna let it ride for now, but thanks for the heads up.
Posted November 14, 2012
avatar
Aningan: http://www.rockpapershotgun.com/2012/11/14/origin-accounts-hacked-maybe-change-your-password/


If it's so easy to steal an account, with no easy means to take it back, then EA fucked up on the security side.
Yeah, I got one of these a few days ago. Had to contact EA support.
Post edited November 14, 2012 by SirPrimalform
Posted November 14, 2012
avatar
Roman5: I dread to see the day when GOG is going to get hacked one day, if it happened to these gigantic companies, what chance does GOG have?
GOG does not story credit card data, does not have wallets where people store their money, does not store a lot of personal information, does not store unique serial keys, and does not store any downloads that I can't back up locally. Of all major digital download distributors, GOG is the one where you'd be least affected from a successful hack.

Also, I strongly doubt that _Origin_ has been hacked. It seems rather that several _accounts_ on Origin have been hacked, which usually means that some users reused their passwords a bit too often. The same probably happens to GOG accounts already, though I'd assume to a lesser degree. GOG accounts aren't particularly valuable for hackers - most things that can be found there can be gotten with much less effort elsewhere.
Posted November 14, 2012
avatar
Roman5: I dread to see the day when GOG is going to get hacked one day, if it happened to these gigantic companies, what chance does GOG have?
avatar
Psyringe: GOG does not story credit card data, does not have wallets where people store their money, does not store a lot of personal information, does not store unique serial keys, and does not store any downloads that I can't back up locally. Of all major digital download distributors, GOG is the one where you'd be least affected from a successful hack.

Also, I strongly doubt that _Origin_ has been hacked. It seems rather that several _accounts_ on Origin have been hacked, which usually means that some users reused their passwords a bit too often. The same probably happens to GOG accounts already, though I'd assume to a lesser degree. GOG accounts aren't particularly valuable for hackers - most things that can be found there can be gotten with much less effort elsewhere.
I dunno.

I had one of my disposable Yahoo email accounts - which I'd had since 2007 - hacked into recently. The password was pretty uncrackable and yet, there you go.

Yahoo locked me out of the account and won't let me change the password until I give them my phone number. Which I do not want to do. :P
Posted November 14, 2012
Seeing as how this was initiated by eurogamer and mirrored by RPS, but no one else is covering it / has had problems; I'm guessing that it is restricted to the EU division of Origin.

*edit* spell check on my phone put in a really weird word.

I use Origin pretty much every day now (well, I play Origin connected games ... really just one ATM, KOA) and have no issues with my account.

more than anything else, people probably just got farmed 'cause used the same Email + password on a insecure site. not saying it isn't happening but this mostly people loosing their shit because it relates to Origin ...
Post edited November 14, 2012 by Sogi-Ya
Posted November 14, 2012
fixed
Post edited November 14, 2012 by ne_zavarj
Pages:
1
This is my favourite topic
Community
General discussion (archive)Change your Origin password(11 posts)(11 posts)
(11 posts)