Okay so being hacked is a pretty terrible thing to have happen, and in many respects you could argue that using the same email and password as you use for WoW (as I did for GW2) is a pretty irresponsible thing to do (although in 7 years of WoW, and having used my email for WoW, banking, MSN, Skype, Facebook et al. I have never once been hacked).
Last night, I got hacked and was like "oh, how did that happen?" Apparently people are able (once logging into your account) to change the email of your GW2 account without your authorisation. To put this simply, if you want to change an email for your battle.net account it'll work like this:
Current email: email1
New email: email2
> log in using email1
> change to email2
> email gets sent to email1 asking for verification
^ the third step does not happen in the GW2 email changing "thing".
So now I'm left with two options:
- email a support ticket to A-Net (I've done this)
- let my account be forever hacked and lost
I sent in a support ticket and this was the response I got after supplying my CD key, RL information, passport photo etc. Giving away pretty much my entire identity - this was the received response:
"Thank you for contacting NCsoft! We have been receiving an overwhelming response to Guild Wars 2 and we are doing our very best to answer questions as quickly as possible. You are receiving this automated message based on information provided in your original submission that indicates that we may be able to answer your question with the information provided below. As a result of this we are no longer accepting new tickets. Thank you for your patience."
NCSoft (rather the automated message) gives you this link and asks for the following information (which I have already supplied by the way):
1. Go to account.guildwars2.com/recovery
2. In the Email / Account Name field, enter the email address used for your Guild Wars 2 account.
3. In the Serial Code field, enter the serial code you registered to the account.
4. In the Character Name field, enter the name of an existing character on your account.
5. Click Verify.
Be sure to set your account password to a strong, unique password that you've never used anywhere else!
So naturally I go to the supplied link and put in all my details and this is the ultimate response I recieve:
"There's been an error. Please contact support."
Thus, the loop begins: contact CS > get automated email > get told to click on link and supply information you've already supplied > get told to contact CS
Surprisingly, I then did a bit of digging and found this thread:
That's 17 pages of notified complaints. At roughly 45 new posts per page, that's a total of 765 hacked accounts. This of course doesn't include the myriad of people who cannot post because ... they've been hacked and thus they can't log in. Anyway I digress. I'd like to know, ultimately, in an age where so much of our information is available to people - why, when we're paying £50 for a game, the said game doesn't come with any means of protection. The security systems in place are completely non-existent and the systems to fix these issues are non-existent too. I'm completely stumped.