Hello I just had to recreate my gog account with the same email address after It said no account exists. I currently have a ticket open and I cannot access any of my purchases. Any assistance would be great, thanks.

I guess you used Witcher 3 with Galaxy, right?

At any rate, my advice is to do the two following things:

1) Contact support and explain the problem to them.
2) Start a conversation with Firek, the person responsible for GOG's support and explain to him your problem, as well.

Hmmm... the plot thickens.

Yep, and it's starting to scare me a bit.

I'm that guy who didn't use Galaxy (mentioned above) and whose account was hacked. Thanks to cookies, I still can have a voice/download things.

Some folks also tried to use my HumbleBundle account, but I changed the password for that just recently. I made the mistake of using the same secure password for Humblebundle, and the folks there let me know about some strange, unusual access going on.

I suspect that as others have stated, the hackers will try to use the same password on similar sites. If your account has been compromised, check other accounts.

I am unsure if you will see this post as my previous posts have not become visible. Maybe, GOG.com is monitoring this account.

I can see this post, but what do you mean when you say that your other posts aren't visible? Also, you might have not been using Galaxy, but were you playing Witcher 3?

Quoting it for you.

[edit] Ninja'd.

Very strange,I come here and no where else.I start up Wise Care 365 and there is
always privacy risks that need to be deleted.Coincidence?
Only happened is the last three weeks.

Ever since the 2011 Sony PSN hack, ALL of my passwords are different. That hack scared me out of that bad habit.

Sorry, I should have clarified. My attempts to post replies were taking longer than usual, and so i could not see whether my posts/comments were actually being posted.

No, I've not been playing Witcher 3. The new e-mail address listed is an address with ".ru", if that helps.

Also, I'm not in the Russian Federation but in the US, unless Russia has made some incredible territorial gains today.

Question is - are they getting emails+passwords off of GOG and trying them on other sites or vice versa?

Did any of you who use gog.com and who had his/her account hacked use humblebundle?

The obvious answer would be that the people with hijacked accounts used the same email and password on some other service, whose username/password lists were breached. Didn't someone mention using the same password for e.g. Wartune, and that its accounts were hacked?

So it may well be it is merely coincidence that these hacked accounts happened after Galaxy launch. Maybe due to TW3 launch GOG.com simply got so many new users (or old users which were inactive before) with widely used passwords, and also more attention from hackers trying to use the same email/password.


If two-step authentication comes, I hope it will be optional (enabled by default is fine by me, as long as I can disable it), OR limited only to cases where someone tries to e.g. change the password and/or email. Otherwise I will have to re-enter the verification code probably every time if I visit GOG.com with a web browser, as I've configured Firefox to delete cookies and other temporary data on exit.

Then again, if the reason for changing your email is because your old email has become non-functional for some reason, how can you change the email address to a working one then? The verification code would be sent to the non-working email, right?