The Transformers Forged to Fight community has officially moved to Discord. For all the latest news and updates, join us here!
Account hacking
MAMIL
Posts: 48
Dear Kabam,
Our alliance leader’s account was hacked today. In accordance to policy, I won’t say any names, but anyone who pays attention to the very top of AM leaderboard knows who it is.
Our leader has changed his password as per your instruction, yet the hacker is still able to go in and out of his account at will, going as far as removing his account from the alliance mid-AM. And as long as the hacker doesn’t log out on his hacking device, there is apparently nothing to be done to keep him/her out in the future.
Putting aside the fact that we have lost all rewards for this AM, wasted energon and items spent on first 3 days of AM, it’s time for a serious question: If you have no easy way of allowing us to secure our account AFTER it’s hacked, why should we keep spending and investing in your game?
With the new AM map, a compromised account can cripple a whole alliance, so if my account was hacked or in danger of getting hacked, no alliance leader will want me, nor would I want to take part in AM because doing so could jeopardize rewards for everyone else.
So please tell us you are going to take this issue VERY seriously and offer us a solution if you value our business at all! A form paragraph response doesn’t cut it for this.
Our alliance leader’s account was hacked today. In accordance to policy, I won’t say any names, but anyone who pays attention to the very top of AM leaderboard knows who it is.
Our leader has changed his password as per your instruction, yet the hacker is still able to go in and out of his account at will, going as far as removing his account from the alliance mid-AM. And as long as the hacker doesn’t log out on his hacking device, there is apparently nothing to be done to keep him/her out in the future.
Putting aside the fact that we have lost all rewards for this AM, wasted energon and items spent on first 3 days of AM, it’s time for a serious question: If you have no easy way of allowing us to secure our account AFTER it’s hacked, why should we keep spending and investing in your game?
With the new AM map, a compromised account can cripple a whole alliance, so if my account was hacked or in danger of getting hacked, no alliance leader will want me, nor would I want to take part in AM because doing so could jeopardize rewards for everyone else.
So please tell us you are going to take this issue VERY seriously and offer us a solution if you value our business at all! A form paragraph response doesn’t cut it for this.
7
This discussion has been closed.
Comments
Contacting support:
From your Base screen, tap the grey gear icon in the top left corner of the screen. From there, tap on the button that says “Support”. Seek your question, if you’re not able to find the answer and have more questions, touch the button that states, “Need more help? Contact us” to submit a support ticket.
Check done it, account accessed again hours later. Follow up emails with support states they can’t do any more and your system is secure. Yet how can the account still be accessed after everything support said to do.
Support has run him in circles, and they don't understand how to fix the issue.
There is is more than one way to kick the guy off the account and secure it, but it will require more than just changing emails and passwords... It seems the support staff doesn't know what course of action to take despite the owner of the account detailing it for them.
The question posed on this thread isn't about how to fix it right now, however. The question is, how can an owner of an account take back control without having to go through support for days on end?
maybe because the hacker has an agenda? wants to cripple the top alliance's AM? or a personal feud towards @Mustangjon ? It's the first time we see this happening too in the game.
As long that hacker still holds on to his login on that device he'll keep able to repeat the same process (login via Android account or Apple ID).. Unless if that session is being kicked out manually by the devs/admin that person will keep have the privilege to do so.
Consider why Force would have anything to do with this. Do you really think that a single week of 1st place with an asterisk next to it and 500 t3c shards are worth the risk?
It clearly is not someone doing this for first place, it is someone with a personal agenda. It could literally be anyone. It is unfair for you guys to tarnish our reputation over something we have nothing to do with.
I had a player back in Onyx that I kicked for even suggesting something like this (he was looking to do it against MB). I loathe cheating, hacking, or anything at all that is against the tenets of fair competition.
I hope that Kabam catches who it is, but the witch hunt is B.S.
I think there should be a option for the real owner that when he change password his should be logged out of all othere devices .
this would solve the issue for sure. just a simple code to enable it to take into effect.
Kabam, let’s get this fixed. We have some brilliant suggestions above that may help. Best wishes to those unlucky accounts.
The link with apple ID or google play ID should be cut off once reset the kaham password.
That is the point.
Accounts can get compromised for any game or website resecuring the account usually is just a case of changing some info. Well what apparently most of us weren’t aware is after you’ve logged into an account , and never hit the logout option just close app etc. the game never needs credentials to log back in.
So you can change linked email and or password as many times as you want but it will never be secured until kabam side initiates a kick to the account or tracks the culprit down and bans the ip/device being used.
After about 20 emails yesterday I had one rep say account was secure with changes, another said as long as the other device has the game bound it’s not secure then a 3rd rep told me account was secure.
Yet the account was logged in from the other device again after changes had been made
It's unfortunate that the support essentially has no idea how the game operates, features of the game, or basic functionality. I've often gotten conflicting information for even the most basic of issues. Then you essentially get a copy/paste email from them. Considering people spend real money on this game the level of support lately is really lacking. When you clearly articulate an issue to support and they basically ignore it or can't comprehend it, there are serious problems.
An option to log out all devices should also be made. At the very least, the function to log out devices should be made available from the support/dev side.
To not have this kind of basic security is a bit worrying.
That being said, compromised accounts very rarely happen 'out of nowhere' with brute force. Generally a compromised account comes from credentials being shared with a 'trusted' individual who ends up not being trustworthy or phishing. Did you try one of those websites for unlimited gems/jewels/credits? (kidding)
In either case, it really sucks, it's a terrible situation and there really should be a better system to fix and secure accounts. Not having a proper system is baffling.
Please improve account security, anyone and everyone could have this problem.
More troubling is I found on the mcoc forums someone having a similar issue from 2 months ago about the compromised logged in devices not being able to logged out. So it should have already been fixed by now.
Maybe our TF team needs to have a chat with the mcoc team about how to fix it.
It simply must be, anything else would be very, very horribly made or you actually have no way of dealing with hackers at all, it can not possibly be made that stupid.
They must have some administrative control over their users, even when they are in.
I told support multiple times they need to hard boot all actively linked or freeze account or move account data over to a new account and I’ve been told each time account should be secure change your password again 3 times
We should still get our rewards for 2nd place. @Kabam Miike can you look into it please.
It should be possible but you need someone from support that actually knows what they are doing.