Hi, if you are new to eve online be sure to make extra sure that your account is secure.
6 weeks ago today one of my Corp directors had his account hacked, he lost over 20 bn in ships and isk, the Corp was also robbed of all our assets, isk bpos, ships, stations. This heist has affected at least 8 members of our Corp. That was 6 weeks ago, yesterday ccp contacted my director, bearing in mind his account was suspended during this period and he has not been able to play for six weeks. Ccp have agreed that his account had been hacked, they clearly stated that all assets lost would not be replaced as this is not their policy. They gave him 6 weeks omega and reinstated his account, he has no isk no ships,so before he can even play he would have to plex and give ccp more money before being able to play the game again. Iâm absolutely disgusted with the outcome of this, I submitted a ticket as the ceo of the Corp but I still havenât had any reply, but I think I will get the same email my friend did. Sorry but your not getting your stuff back. Disgusting disgusting disgusting, ccp are getting no more money from us. Sack the idiots working in security.
Two options:
- he was âhackedâ and he himself robbed the corp.
- heâs been RMTing and the gold sellers took his stuff
He may as well have been hacked, but thatâs most likely not an issue with CCP security. Either the man didnât have two factor authentication enabled or the e-mail he assigned for the account has been hacked. Both are factors outside CCP control
No he wouldnât. He has to start from almost nothing, but youâre telling us that he lost access to agents, or asteroid belts?
Hell if his corpmates chipped in for a basic ship fit heâd be back on his feet in days.
That does not sounds like a CCP problem though.
With minimal effort you can add MFA that protects your account a lot. CCP has no control (as others have stated) how you access and managed your account. If you get compromised why is that CCPâs fault?
Because the average personâs understanding of digital security is somewhere between âcatâ and âMexican jumping bean.â Thatâs why companies like banks have entire fraud departments, and can roll back damage thatâs done to victims, because theyâre able to follow the trail of their assets through the financial system. CCP could do that too, they just choose not to.
Each of my EVE Online passwords are unique, 63-characters long, and randomized for increased security. Something like: 16vCxGx7%ozFoE4dmH8C!IKysdl1J3j&xkeAH7kwzi2y8Y9mcEq9r6JJLw@2i . Password managers are beautiful for keeping passwords long, randomized, and unique for added security even if you donât enable MFA. Do this for both your EVE Account and Email account (my email password is 99-characters long).
If someone has access to your computer, and can see the passwords in the manager, it does not matter if it is 1 char long or 1000. They have it 
Did CCP change the policy about this? A friend from me was hacked many generations ago, before the dawn of time (maybe 8 years ago).
He did not get the items back because they might have been already on not involved accounts (from selling), but he got the value in ISK.
But with the MFA it should be way harder to hack an account. Because you also need the email of this. It is more likely that they hacked the Email, and could change the PW for EVE and had access to the verification code (my guess).
So much for that all the Skillpoints you can buy are trained normally and just extracted from charactersâŚ
Another reason not to join a corp.
oh just give it up already.
Windows Key + L = Lock screen (or equivalent). Combine with something like Bitlocker or Encrypted LVM. Things like Yubikey are nice but not even necessary in this case. Password managers log you out after every query unless you specify a limited duration for which to maintain access. So if I specify 5 minutes and lock my screen, tough luck getting access.
So the gist Iâm getting here is that because his security wasnât good enough he deserves to lose all his stuff?
So if I break into your garage and take your car but you have my face and name and you can get me, I still get to keep your car right? We arenât blaming CCP for what happened, weâre asking them to put it right.
CCP know the situation, the account was clearly not accessed by him and things were taken belonging not just to him but all of our corp. Either reverse the transactions or reimburse the total ISK amount lost, it should be that easy.
CCP appears to take the stance of âif the account compromise was not due to CCP negligence, CCP is not responsible for reimbursement of your lossesâ. The same with any in-game scam or con artistry, except that if they can track down the people involved in an account compromise, they will try to block their future game access, since the account compromise is a violation of the EULA/ToS.
It is the responsibility of each player to maintain the security of their account credentials. Thatâs also clearly spelled out in the EULA/ToS.
Also, comparing this to bank fraud behaviors is not a good parallel - governing regulations vary wildly around the world (the USA and Canada have completely different liability rules for fraud, for example) and involves actual crimes. Iâd be hard-pressed to find a country where video game account compromise is firmly classed as a violation of law, in no small part because the internet is still so new compared to the legal systems involved, and the absolute ages it takes to create new laws.
If someone steals your car you only get it back if the police recover it. Otherwise, itâs up to you to have an insurance policy.
Because Eve has a player driven economy, CCP canât restore items or ISK unless they can recover it from the perpetrators. CCP have given us the tools we need to secure our accounts - itâs up to us to use them.
If you leave your house unlocked and uninsured and someone steals your stuff then yes, you deserve to lose it. Thatâs the only way many of us learn - the school of hard knocks!
Yes. This is also true in real life.
This is a legitimate concern. Gold sellers could easily use the âmy account has been hackedâ card as a means by which to farm and sell.
This is not a comparable situation. A car is a physical asset, not a digital asset. You donât know if you have the perpetrators âfaceâ, and even if you did, legal remedies in that situation vs this situation is limited.
This.
The problem is, you do not have the car anymore (if you do, you are a bad thief 
). The car is already over the border and someone else has it. Or it is sold in pieces all over the country.
And this is the problem. CCP could maybe see who got the items/ISK in the first place, and they might ban this character. But what if these are not involved in the Hack? You cannot ban hundreds of players, just because they got a transfer from this hacked account.
And no, he does not deserve it. Being hacked and robbed is by far the worst that can happen to an account (imo). Especially since the Skill Injectors that steal even the Skillpoints.
But CCP is also really limited in the way to solve this. They cannot just restore the account and give him everything back (even though i heard they did it in the past, but might be with way less assets). And they cannot just tranfer everything back, because it might involve way more player, who had nothing to do with it.
And on the other hand, if CCP would do it, too give all back all the time, way more would fake a hack to gain easy ISK (YES, player would do it, because some player are this way).
I am not sure what i would do, when my account would be hacked like this ( and i have way less assets). But i don`t think that i would play this game anymore and just quit.
Definition of hacked: Gave account info/password to someone else
The fact that 8 others were involved shows they were sharing accounts.
8 others? If you refer to âothersâ being corp mates and me no, it wasnât being shared.