[2020] Still heard nothing from jagex on why a hacker was given control of my account for 45 BIL via recovery. Something is wrong no one should have known my username and I’m not the only one hacked like this recently

Original Post — Direct link

Want to point out a few things first

My account isn’t banned, I’m not making this thread as some kind of appeal. I kept getting accused of rwting the gold again, if this was the case I would have shut up and taken my money.

After the post I got several pms and links to other people who got hacked in similar ways, with no way to know the username.

I was lax with my pin settings as my username could never have been known by anyone, others has said the same and it is possible someone is recovering using display names for huge wealth accounts. I also had 2-f on and jagex guardian, it was insane to think anyone would have got my account via recovery with none of the security settings I had. This raises some worrying questions about Jmod integrity, remember this is over gold to the tune of £25,000.

I have had a huge rs bank many times very pubically for like a decade of staking now, yet no one has ever found out my username or recovered on me before, something recently has changed to allow this.

I just want a jmod response (or pm) telling me what made them let a hacker into my account. I had 2-f set up and my email was not compromised. Everything on my end was kept secure yet jagex handed over my account, this would never have happened with any other company, letting them instantly bypass 2-f, email, jag guardian and my password to instantly get into my account is worrying to say the least.

Edit: Regarding social engineering/database leaks. First off, my account username was some random words I have never entered anywhere but the client, and had name changed about 10 years ago before I ever went public on the account (was a summoning tank, had a random name before 999134thpure and summoning tank). If assuming they somehow got this anyway from something I missed, isn't it a massive security issue that my account was given away with no locked period, to someone who only knew public information about me, and didn't have my email (which I have used only 2 on the account for its 10 year+ history), my recovery questions/jag guardian, my password (I change this every few weeks when active, and I had a new password about a week ago, no leaks here) or access to my phone for 2-factor.

External link →

almost 6 years ago - /u/Mod_Kelvin - Direct link

Hi - you have, Player Support sent you a message to your message centre on 6th July at 14:24 UK time, though i can see you've not read it yet. That explains what has happened. Thanks

almost 6 years ago - /u/Mod_Kelvin - Direct link

Originally posted by mazrim_lol

What is this? This is referencing the recovery I GAVE, not the hacking one.

"I've taken some time to look over your account and the course of events that occurred, I can confirm that any person to have submitted an appeal was able to provide us with information which included transaction ID’s, CC details, contact details and recovery answers.

Please note that the creation information for the account was also provided, including creation date, and furthermore the appeal was submitted from the same location as the creation location of the account. "

You need to check this again because it sounds like this was the recovery attempt that I used to secure the account giving these details, not the one that was from the hacker.

That inbox message explains the hijacking. TLDR is that the hijacker had a host of strong info (enough to say that they were the original owner of the account...), and that was the basis of them gaining control of the account. No smackdown...just what has happened, plain and simple

almost 6 years ago - /u/Mod_Kelvin - Direct link

Originally posted by mazrim_lol

Your message is cryptic and includes my appeal for what info they had, there is no way they had my jag guardian answers or transaction IDs (my email was secure).

Then why was instant access given when a pin was pending, and why was my 2-factor ignored? What is the point of the 2-factor when it was bypassed instantly.

We did say in the inbox message they had credit card info and transaction IDs, I'm afraid, as well as a great deal of other information. It does look like you've had a serious amount of information compromised.

almost 6 years ago - /u/Mod_Kelvin - Direct link

Originally posted by mazrim_lol

I mean I want to know where they got all this information jagex says they have on me?

Not from me directly via my email as that has been secure, I haven't mentally let jagex off the hook yet for having lost my data internally...

We didn't lose any info. The appeal came in with all the info we have mentioned, and was identified as the owner based on that info. I am unable to see how the info was compromised - there are many suggestions on this thread. Best advice is the that given on the Support Centre.

← More from Old School Runescape

Recent Old School Runescape Posts

1 day ago -

1 day ago - /u/JagexAyiza

2 days ago -

Recent Old School Runescape Posts

Further Project Rebalance (Skilling) & Varlamore Changes

Group Boss - Varlamore: Part Two

Can we get maintenance announced on the homepage/launcher please?

RuneFest 2024: More Tickets Available May 15th!