It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussionCan I get support to walk through getting my account back?(20 posts)(20 posts)
(20 posts)
Pages:
1
2
This is my favourite topic
Posted June 10, 2015
Sent in a ticket the other day about my account being compromised and supposedly it got fixed this morning. But, it didn't get fixed and my account is still being used by someone. I think support my have misunderstood my ticket, and was hoping if there is any way to have support to do a sort of walkthrough with me or something until the problem is sorted out.

I'm not sure what support did but I think they may have just restored my email and password to the original. But that just makes it easy for whoever took my account to reenter that same info and take it again before I get the chance to reset it. I just want them to give me a password or a link in an email so I can go ahead and reset it myself.

I do enjoy GOG, but this is making me worry about my account or any info on GOG if I do get my account back. I'm usually careful with my info and not entirely sure how my account was compromised. I already sent in a ticket, but not sure if they'll be able to sort it out again. Just don't want to have to go through sending a ticket and waiting another day or two (no patience).

I really hope they beef up their security though.
No posts in this topic were marked as the solution yet. If you can help, add your reply
Posted June 10, 2015
Why don't you just change your password yourself?

https://www.gog.com/account/settings/personal
Posted June 10, 2015
avatar
oipluckie1: Sent in a ticket the other day about my account being compromised and supposedly it got fixed this morning. But, it didn't get fixed and my account is still being used by someone. I think support my have misunderstood my ticket, and was hoping if there is any way to have support to do a sort of walkthrough with me or something until the problem is sorted out.

I'm not sure what support did but I think they may have just restored my email and password to the original. But that just makes it easy for whoever took my account to reenter that same info and take it again before I get the chance to reset it. I just want them to give me a password or a link in an email so I can go ahead and reset it myself.

I do enjoy GOG, but this is making me worry about my account or any info on GOG if I do get my account back. I'm usually careful with my info and not entirely sure how my account was compromised. I already sent in a ticket, but not sure if they'll be able to sort it out again. Just don't want to have to go through sending a ticket and waiting another day or two (no patience).

I really hope they beef up their security though.
Very busy and sleep time in their country,and unfortunately patience is the key.
Posted June 10, 2015
avatar
oipluckie1: Sent in a ticket the other day about my account being compromised and supposedly it got fixed this morning. But, it didn't get fixed and my account is still being used by someone. I think support my have misunderstood my ticket, and was hoping if there is any way to have support to do a sort of walkthrough with me or something until the problem is sorted out.

I'm not sure what support did but I think they may have just restored my email and password to the original. But that just makes it easy for whoever took my account to reenter that same info and take it again before I get the chance to reset it. I just want them to give me a password or a link in an email so I can go ahead and reset it myself.

I do enjoy GOG, but this is making me worry about my account or any info on GOG if I do get my account back. I'm usually careful with my info and not entirely sure how my account was compromised. I already sent in a ticket, but not sure if they'll be able to sort it out again. Just don't want to have to go through sending a ticket and waiting another day or two (no patience).

I really hope they beef up their security though.
avatar
gunsynd: Very busy and sleep time in their country,and unfortunately patience is the key.
I can't change my password because they changed my email. To be able to change your password requires an email but they changed my email so I'm not able to change the password.

Also yea, patience is something I lack in. I'm mostly just worried, but I know that they will sort it out.
Post edited June 10, 2015 by oipluckie1
Posted June 10, 2015
avatar
oipluckie1: I can't change my password because they changed my email. To be able to change your password requires an email but they changed my email so I'm not able to change the password.
You mean the hijacker also has access to your email account or that they've changed the email your GOG account is linked to? You said that GOG support restored the email and password back to the original yeah? Well they've done that so that you can then change them to something the hijacker doesn't know. That bit is up to you.
Post edited June 10, 2015 by SirPrimalform
Posted June 10, 2015
avatar
oipluckie1: I can't change my password because they changed my email. To be able to change your password requires an email but they changed my email so I'm not able to change the password.
avatar
SirPrimalform: You mean the hijacker also has access to your email account or that they've changed the email your GOG account is linked to? You said that GOG support restored the email and password back to the original yeah? Well they've done that so that you can then change them to something the hijacker doesn't know. That bit is up to you.
Unfortunately, you can change your e-mail address on your account by just having the password. Since the hijacker already has the old password, they can change the e-mail to something new, then change the password using that new e-mail, blocking the real account owner out.
Posted June 10, 2015
avatar
cogadh: Unfortunately, you can change your e-mail address on your account by just having the password. Since the hijacker already has the old password, they can change the e-mail to something new, then change the password using that new e-mail, blocking the real account owner out.
Which is presumably why GOG reset it, so that the OP can do that before the hijacker. I'm guessing they weren't quick enough though.
Posted June 10, 2015
avatar
cogadh: Unfortunately, you can change your e-mail address on your account by just having the password. Since the hijacker already has the old password, they can change the e-mail to something new, then change the password using that new e-mail, blocking the real account owner out.
Which, I think, already happened for the second time.
Posted June 10, 2015
avatar
cogadh: Unfortunately, you can change your e-mail address on your account by just having the password. Since the hijacker already has the old password, they can change the e-mail to something new, then change the password using that new e-mail, blocking the real account owner out.
avatar
SirPrimalform: Which is presumably why GOG reset it, so that the OP can do that before the hijacker. I'm guessing they weren't quick enough though.
They need to simply set the password to something new/unique and temporary, restore the original e-mail account, then notify the real account owner of the of the new temp password so they can change it themselves. It's not rocket science, but it seems to be beyond GOG's capabilities.
Posted June 10, 2015
avatar
oipluckie1: I can't change my password because they changed my email. To be able to change your password requires an email but they changed my email so I'm not able to change the password.
avatar
SirPrimalform: You mean the hijacker also has access to your email account or that they've changed the email your GOG account is linked to? You said that GOG support restored the email and password back to the original yeah? Well they've done that so that you can then change them to something the hijacker doesn't know. That bit is up to you.
If i was able to get the msgs that the support team changed my password right away then I could go ahead and change it before the hijacker can have access to it again. The hijacker does not have access to my email address it seems cause i always check every once in awhile to see if anyone had access to my email address.What I was trying to say is that I don't know when I get the email that they restored my info, but by the time I notice I got the email, the hijacker must have already changed it by the time I was able to get on it. Cause I can see the person on my account online through the forums, and they're on it constantly.

I would like for them to restore my account to the original email address and give me a temporary password so I can change the password myself. That would seem to be the easiest option.
Posted June 11, 2015
Still no word about my account ._. , but I opened up my chromebook today and it was somehow still logged into my original GOG account and the email address is definitely not mine. It's some weird email ending with @gmai. I tried changing my pw or email but it required me to log in. I looked up gmai and I've read that it's not even a legit email.

gmai.com is a phishing email or something like that, which is obviously suppose to be gmail.com. Not entirely sure how that works.
Post edited June 11, 2015 by oipluckie1
Posted June 11, 2015
avatar
oipluckie1: Still no word about my account ._. , but I opened up my chromebook today and it was somehow still logged into my original GOG account and the email address is definitely not mine. It's some weird email ending with @gmai. I tried changing my pw or email but it required me to log in. I looked up gmai and I've read that it's not even a legit email.

gmai.com is a phishing email or something like that, which is obviously suppose to be gmail.com. Not entirely sure how that works.
As long as you haven't logged out of the site, you still have the browser cookie that allows you access, even if the password and e-mail has been changed*. It doesn't help you get your account back, but you should be able to access your library at least.

*and this is why no one should ever access their GOG account via a public computer or really any computer that is not your own. I wouldn't be surprised if this cookie flaw is one of the exploits used to hijack some of these accounts.
Posted June 11, 2015
avatar
oipluckie1: Still no word about my account ._. , but I opened up my chromebook today and it was somehow still logged into my original GOG account and the email address is definitely not mine. It's some weird email ending with @gmai. I tried changing my pw or email but it required me to log in. I looked up gmai and I've read that it's not even a legit email.

gmai.com is a phishing email or something like that, which is obviously suppose to be gmail.com. Not entirely sure how that works.
avatar
cogadh: As long as you haven't logged out of the site, you still have the browser cookie that allows you access, even if the password and e-mail has been changed*. It doesn't help you get your account back, but you should be able to access your library at least.

*and this is why no one should ever access their GOG account via a public computer or really any computer that is not your own. I wouldn't be surprised if this cookie flaw is one of the exploits used to hijack some of these accounts.
Yea, I don't remember logging into my GOG account on my chromebook. But I've only accessed my GOG account on my computers, so I'm not sure how else they were able to access it.
Posted June 11, 2015
avatar
cogadh: As long as you haven't logged out of the site, you still have the browser cookie that allows you access, even if the password and e-mail has been changed*. It doesn't help you get your account back, but you should be able to access your library at least.

*and this is why no one should ever access their GOG account via a public computer or really any computer that is not your own. I wouldn't be surprised if this cookie flaw is one of the exploits used to hijack some of these accounts.
avatar
oipluckie1: Yea, I don't remember logging into my GOG account on my chromebook. But I've only accessed my GOG account on my computers, so I'm not sure how else they were able to access it.
A lot of times the breach is caused by using the same email/password combination for other sites. Say a site where you ordered an office chair, or a site with some 'bio' food. Sites like that don't have high security and can be breached. The attacker gets a list of email/password combinations and then tries those combinations on other sites until they get a hit.
Posted June 11, 2015
avatar
oipluckie1: Yea, I don't remember logging into my GOG account on my chromebook. But I've only accessed my GOG account on my computers, so I'm not sure how else they were able to access it.
avatar
Aningan: A lot of times the breach is caused by using the same email/password combination for other sites. Say a site where you ordered an office chair, or a site with some 'bio' food. Sites like that don't have high security and can be breached. The attacker gets a list of email/password combinations and then tries those combinations on other sites until they get a hit.
I'm pretty good about that too, having different pw's for many different sites. Maybe I made a boo-boo somewhere, but I really hope this gets solved soon.
Pages:
1
2
This is my favourite topic
Community
General discussionCan I get support to walk through getting my account back?(20 posts)(20 posts)
(20 posts)