(Important) Continue reading down to the bottom of the article. There is a follow up link at the bottom to a more recent explanation.
So I’ve been following the recent account thefts over at NCsoft (namely Aion and Guild Wars) pretty closely recently, not only because I play City of Heroes and if this account theft issue bleeds to other games it could affect me (gasp), but because the stories just keep getting stranger and stranger.
Case in point: An Aion account that was reportedly stolen, and looted of all of its items. The password was not reportedly changed, but the account was cleared of all items. In itself, this story doesn’t sound very exciting. Hundreds of accounts over a variety of MMOs get the same treatment every month. The account theft took place on December 19th and 21st, but take a good look at the account subscription history:
Analysis after the break…
The account’s previous payment was made on October 22nd for one month, with the next payment on December 22nd, also for one month. The account was not active during the time when the looting took place. Now, I may not be a programmer, nor do I play a sexy one on television, but I do know that when an account isn’t active, it cannot be logged into in-game, in order to transfer items/currency/etc.
Whatever the issue, it appears that NCsoft is aware of accounts being looted while inactive, and is hopefully doing something to fix what is either a bug or a very concerning exploit. One user suggested that it is possible that this may be tied in some way to the allegations of players logging into random NCsoft accounts.
Either way, I will be watching NCsoft, Aion, and Guild Wars forums religiously to keep you up to date on these security issues, as they unfold.
(Feature: This article was featured on MMOCrunch!)
MMO Fallout 
Thank you for posting my story on your site. The more exposure this gets the better. Still waiting for NCSoft to publicly address this issue.
not trying to defend aion or anything but since the account is inactive how do you know the almighty looting took place? check aiononline.com char page every day
The owner of the account reactivated it on the 22nd to find that the character’s had been looted (This is shown in the first picture). After contacting support, the support staff member confirmed that the account was looted several days earlier, and the previous day.
You forgot one little thing: We got 1 free day due longer server maintenance.
Free days are added to active subscriptions, since it is a compensation for lost game time that you paid for. Inactive subs are unaffected.
Not necessarily.
I played a MMO I’m not allowed to speak of (World of Warcraft) and I had an inactive subscription for 3 months.
Also in WoW there was an incident (typical patch day) and I checked my account site: I was allowed to log in!
So IMO it could or couldn’t matter regarding the one free day.
Ok, let’s imagine for a moment that this is the case. The GM informed me that my account was stripped on 2 seperate days, the 19th and the 21st, as is plainly shown in the screenshots.
Next theory?
Take a look at the aionsource.com forums.
The owner of the account was using bots and got himself a nice trojan.
Moron…
Hello Baldy,
I don’t know if you leave comments like this on all the websites you visit, but ending your comment with “moron” does a lot more to hurt your reputation (And by reputation I mean the likelihood anyone will support you) than it does mine.
The nature with which the account was stolen is irrelevant. What caught my eye, thus the title of the article, was that the account was inactive at the time of the theft. Unless there is a new batch of magical trojans that can allow an inactive character to log into a game, the reason the account was stolen is irrelevant. If a cocaine addict has a sudden heart attack, the obvious cause is there. When said addict passes through the floor of the building, then you have yourself a medical mystery.
Yes I have been watching a lot of House, no I have not been sleeping.
Lol, I was botting? Thanks for letting me know. That must be why I’m only level 42 with just over 1 million kinah. You direct us to look at the aionsource forums as proof of your claim? How about a link to a post? I actually know of the post you are referring to, and that was a completely different player. L2read???
Yep.
My account seems to just have been hacked as well.
But it’s much worse.
My password no longer works.
My secret questions used to reset my password have been changed.
There is no way for me to log into my paying account, no way to reset my password.
I was able to create a new temporary account using my original email address, which would mean that my original email address in my main account has been changed as well. I did this in hopes of being able to at least post in the forums, beyond the support email BS, but it has proved worthless as well.
All I do now is wait and see what Nc Softs support has to say in about a week.. it’s been half a day and no response.
I have also threatened them with legal action, and I’m thinking its worth pursuing.
Hell I cant even post on the forums in Aion, my password will not register.
User Name : Selane
Server : Lumiel
There are a few posts somewhat recent with my name in them in the forums..
Basically, right now, I dont even own my own account.. and freaking NcSoft is ignoring me..
Great thought about all of this.. what if these freaks got my credit card number of out of this??
Weak.
My account just got hacked as well. I have never botted, never bought kinah, never given out my password. I have a firewall and Norton running on my PC. Logged off at 1:30am. Woke up at 9am and tried to log in for double xp and password didn’t work. Went through emails and saw that someone with an IP address that I tracked to Australia had reset my password and questions and changed the email.
Submitted a ticket to Aion and provided them with all sorts of info (original name and DOB I used, serial codes, etc).
No resolution as of yet. I looked on the server at my main and alts . . . all have been stripped. I didn’t have any gear that was brokerable, but had some Balic mats in my warehouse that I am sure are gone. Just managed to cobble together enough mats so that most of my gear was finally near level and mostly blue.
Would be great if NCSoft would track where the gold from those sales went. I have heard that NCSoft doesn’t do anything to help restore your gear. I am thinking about quitting. I don’t need to pay money to play a game that isn’t safe, especially when I haven’t engaged in risky activity. Their game isn’t safe, your shit gets stolen, and the expect you to keep paying.