After all the chaos of having my Guild Wars account hacked dissipated, I began to reflect on some of the misgivings I should realistically have as a customer. That the system eventually works is a small consolation in a hoop-jumping exercise that would put an HMO to shame. You see, I felt betrayed. (Warning: a bit ranty.)
I felt betrayed because at first I was treated like an enemy rather than a customer. It was as if NCSoft’s first decision upon an account being hacked is the view that the person had been entirely compromised. NCSoft clearly understood that my accounts were attacked by another, and when they locked my accounts they thought not to tell me unless I decided to try to log in. This makes no sense. Any other service where I had an account, I would fully expect to be contacted if the company was fairly certain the actions showing were not my own. This would be especially true if they had taken some action, like stopping the account.
They must have felt that my email, the one I use to log in to Guild Wars, was also gone. They thought the hacker likely had my date of birth, previous mailing addresses, previous NCSoft support ticket numbers, and credit card numbers. Even my credit card company does not need that much information to verify that I am who I am when I take the time and energy to contact them. What I didn’t have, that they really wanted, were the account keys. Unlike most, I still do have them, but they are not easily accessible. I wish when I did have them accessible some big, freaking non-ignorable red letters surrounding the key clearly stated that this information should be kept accessible in case of account issues. Who was I to think that the valuable personal information I was giving ArenaNet and NCSoft on account creation day meant diddly squat in comparison.
I have absolutely no malice to all the men and women that helped me either via support ticket email or on the phone. They were extremely helpful and polite, and their hands were tied by this system that would make a government bureaucrat want to hang herself with red tape. For botters and cheaters, this stonewall system is great, but the same system does not work for an innocent account holder that was hacked. After five years of pretty constantly playing Guild Wars, I felt that I had made a pretty strong image of self. My email, the IPs I game from, the way I chat, who I chat with, were all pieces of evidence that ArenaNet / NCSoft could have used. And most importantly, do hackers really take the time to try and go through support and regain an account? I would be extremely surprised if they do.
I don’t expect anything to change, but I do hope that ArenaNet is looking at some stronger account options for Guild Wars 2 like World of Warcraft’s authenticator. With all the Extended Experience things they are doing, maybe they could just turn one of the apps into some sort of authenticator. Thankfully this is all behind me now, and hopefully I am more mindful of protecting my accounts on my end in the future.
bow hunt polar bear