truckerpunk: Thanks, mate. The two-step authentication was (luckily) already enabled, that's why I got the notification. Was just wondering if it was a site-wide attack, and/or if the hackers got my login-info from other locations.
AB2012: If it were site wide you'd definitely see a lot more people complain. It's possible that someone got your e-mail address from a leak on another site (there's a ton of them these days). The only other thing I'd suggest is making sure you have a strong password for your e-mail / changing it if you think it's been leaked recently. At the very least I'd definitely make sure your e-mail password and GOG password are not the same and preferably, keep your e-mail password completely unique and never reuse it for any other site as that's one obvious defeat for the two-step authentication (not just GOG but everywhere).
Yeah, I was thinking I'd see more topics here if it was site-wide.
I'm not using the same password for "important" accounts, as I do my internet logins.
I blocked the IP from incoming traffic on my machine, and changed my password on GOG.
Guess that's what I can do for now.
Thanks for the replies.
