Community Relations Archive
Thread: Unauthorized use of account information
ElbowJane wrote:
Since I have not used that name anywhere else, ever, and I have scrupulously opted out ofall mailings, etc...
Zaina Fazia
Opting out of mailing lists (emails, not ordinary mail) does not work in 99% of the cases. Selling valid email adresses (those read by human eyes) is a lucrative business.When you reply to spam email the sender knows that itisa valid email adress. Your best option is to ignore those posts.
Some companies who sell email adresses do regular scans of ICQ profiles to get email adresses. And I'm sure they scan other sources too.
Message Edited by 1963explorer on 06-08-2005 02:54 PM
Blimigerite wrote:
I'd laugh if my toon got pre-approved for a credit card
Actually, it's quite probable you will some day. My son and daughter get them all the time and they are both pre-school aged. My dog got a credit card offer several years ago. I almost responded with a paw-print stamp on the signature line
. Now, if a pre-schooler and a dog get them, it won't be long until your character gets one. I'll really begin to worry when I start getting the credit card offers via in-game e-mail
Gothywench makes an excellent point: this isn't necessarily an SOE issue. Using a character name anywhere else means there's another potential gateway to what happened.
Having said that, however, Anthemion's request is entirely valid. SOE needs to make sure its subscriber information is not being distributed without its (or our) knowledge and consent.
If we've already explicitly given our consent by accepting the SWG license agreement or EULA, it would be helpful to have that said clearly here.
Otherwise, if an internal look reveals that subscriber information is somehow exiting SOE without subscriber consent, thenit's notonly a matter of courtesy to informsubscribers -- it may berequiredby California law. (Specifically, the "California Information Practices Act".)
Here are the relevant bits froma Forbes.com article on this law:
"The law contains a provision that requires companies with customers in California to inform those customers when they detect computer break-ins that could put their personal data at risk. "
"Companies need not have offices in California to be affected by the law, nor must affected computers be located within the states' borders."
"The law requires that companies notify customers living in California by e-mail or by postal mail even if there's a possibility that that customer's personal data has been compromised. Failure to comply leaves companies open to civil penalties and class-action lawsuits."
(Again, this is not me trying to scare anyone; these are quotes from a Forbes.com article on the subject of the California law.)
I'm not a privacy fanatic, butmy privacydoes matter to me. Like Anthemion, I'd like to know if my subscriber information has been sold without my knowledge, and I think that information should be provided publicly to myself and other SWG subscribers. If afterinvestigatingthe answer is an honest "nope," I'm willing to accept that.
--Flatfingers
Message Edited by Flatfingers on 06-08-2005 11:23 AM
Flatfingers wrote:Gothywench makes an excellent point: this isn't necessarily an SOE issue. Using a character name anywhere else means there's another potential gateway to what happened.
*nod* I'll have to see if I can drum up the article. We had been talking about it at Fan Fest a lot of people had quite a bit to say about this type of thing. I think it was while we were sitting around talking about someone who's acct had been hacked.
A big discussion ensued and the concensious was...Do not use your stationname/password or charname/password on a NON SOE site.
Apparently someone's fan site, a guild website had been hacked. And someone pulled all the username/passwords from their forums and was able to log into the game and screw people over.
Bah flop wrote that it would be scary to get e-mail offers in game.....
EQ2 had their pop up visa on the sign in sheet a month or two ago...........
(ps) sorry about double (sorta) post
I expect SOE to contact the advertiser to determine how the information was obtained and if there was any breech of SOE’s privacy policy.
Message Edited by Anthemion on 06-08-2005 04:56 PM
Anthemion wrote:
Everyone, please note that this subscriber's HOME ADRESS was attached to the name of a SWG subscriber’s avatars. An advertiser acquired this information and sent some form of junk mail to that player’s home. The claim is that the subscriber has not used the avatar’s name anywhere else on the internet.
I expect SOE to contact the advertiser to determine how the information was obtained and if there was any breech of SOE’s privacy policy.
Message Edited by Anthemion on 06-08-2005 04:56 PM
The difficulty with that is that the account details and the character names are NOT kept in the same files. Maybe not even on the same server.
The account details have no links whatsoever to any characters you own.I'm quite sure it would be impossible for a hacker to get hold of both the home adress and the player name from any data kept by SOE.
I'm reasonably sure that any personal details SOE or LucasArts shares with it's affiliated partnersdoes not contain any of your ingame names. Companies need real names not cyberspace names.
Any alledged 'foul play' by anyonefrom SOE orLucasArts would mean that someone got access to your account info but then looked up your character name in stead of using your real name.
The bottom line is: why would anybody with access to your full account info NOT use your real name. Even with only your home adress it has to be easier to find your real name then the name of one of your characters.
Iniaes wrote:
LET ME START BY INTRODUCING MYSELF PROPERLY, I AM MR. TIJANI YUSUFU CREDIT OFFFICER WITH THE UNION BANK OF NIGERIA PLC (UBA) BENIN BRANCH, I CAME TO KNOW OF YOU IN MY PRIVATE SEARCH FOR A RELIABLE AND REPUTABLE PERSON TO HANDLE THIS CONFIDENTIAL TRANSACTION, WHICH INVOLVES TRANSFERING HUGE SUM OF CREDITS FROM AHAZI TO BRIA REQUIRING MAXIMUM CONFIDENCE.
??
blazse wrote:
Iniaes wrote:
LET ME START BY INTRODUCING MYSELF PROPERLY, I AM MR. TIJANI YUSUFU CREDIT OFFFICER WITH THE UNION BANK OF NIGERIA PLC (UBA) BENIN BRANCH, I CAME TO KNOW OF YOU IN MY PRIVATE SEARCH FOR A RELIABLE AND REPUTABLE PERSON TO HANDLE THIS CONFIDENTIAL TRANSACTION, WHICH INVOLVES TRANSFERING HUGE SUM OF CREDITS FROM AHAZI TO BRIA REQUIRING MAXIMUM CONFIDENCE.
??
You mean all I have to do is transfer 100,000 credits from Ahazi to Bria and Bria will send me back 10,000,000 credits for my trouble! It sounds so easy, let me give you my account number so we can start this right away
P.S. Never give any of your personal information to anyone saying they are from Nigeria. That is where a lot of lottery scams and wire transfer fraud originates. If it is too good to be true, it usually is. If you get pressured into giving away any information talk to your bank immediately and let them help you secure your funds. They take fraud very serious and don't want to see anyone lose money from these types of cases.
Blimigerite wrote:
blazse wrote:
Iniaes wrote:
LET ME START BY INTRODUCING MYSELF PROPERLY, I AM MR. TIJANI YUSUFU CREDIT OFFFICER WITH THE UNION BANK OF NIGERIA PLC (UBA) BENIN BRANCH, I CAME TO KNOW OF YOU IN MY PRIVATE SEARCH FOR A RELIABLE AND REPUTABLE PERSON TO HANDLE THIS CONFIDENTIAL TRANSACTION, WHICH INVOLVES TRANSFERING HUGE SUM OF CREDITS FROM AHAZI TO BRIA REQUIRING MAXIMUM CONFIDENCE.
??
You mean all I have to do is transfer 100,000 credits from Ahazi to Bria and Bria will send me back 10,000,000 credits for my trouble! It sounds so easy, let me give you my account number so we can start this right awayP.S. Never give any of your personal information to anyone saying they are from Nigeria. That is where a lot of lottery scams and wire transfer fraud originates. If it is too good to be true, it usually is. If you get pressured into giving away any information talk to your bank immediately and let them help you secure your funds. They take fraud very serious and don't want to see anyone lose money from these types of cases.
He is making fun of the Nigerian Scam - very similar in style and content. I get these all the time and report them if I can glean the real email address from the message.