Many Origin accounts are being hijacked, EA offers no explanation

By on November 14, 2012, 2:30 PM

If you have an Origin account, you may want to change your password. Scattered reports from gamers including Eurogamer's Richard Leadbetter indicate that EA may have suffered a security breach. Affected users claim to have received an email from Origin confirming the successful change of their account's email address or password (or both) -- except, of course, the account owners didn't make those changes.

It's unclear how widespread the issue is, but a post on NeoGAF has compiled a list of recent threads created about the topic on EA's forum. Although EA has responded to Eurogamer's report, it mostly beat around the bush, citing its various support avenues and "robust security measures" that are "constantly upgraded." The company didn't acknowledge that the recent compromises may stem from an internal breach.

Many affected users insist that they used complex passwords and that their systems aren't infected with a keylogger or any other malware, so they're convinced that their credentials must have been leaked on EA's end. Adding to the frustration, once an account is hijacked, most of its profile information is altered (including the Origin ID) to erase the identity of its original owner, making it tricky to recover with EA's policies.

Automated online recovery methods generally require access to the email address listed on the account, but that information has been changed in most cases, so the only recourse is phone support. Also, when an Origin account's email address is changed, the service sends a notification to the previous address, but it doesn’t say what the new address is, which makes it harder to help phone support locate your account.

Even after defeating those obstacles, you may not be able to get your account back. According to many reports, EA's support requires your date of birth as part of its security protocol. This shouldn't be a problem, but a lot of people submit bogus birth dates when registering on sites and there's little chance of remembering such a random selection. Some users also suggest that the hackers may be changing birth dates.

If all else fails, you may be able to recover the account if it's bound to another service, such as Xbox Live. Having your account stolen is a bummer, but you can at least be fairly sure that your credit card data is safeish. When Origin stores credit card info, it doesn't keep the three-digit CSS code and it only displays the last four digits of the card number. We're not sure if they'd be able to buy games on your account, however.

User Comments: 16

Got something to say? Post a comment
1 person liked this | Guest said:

Its EA... what did you expect?

Guest said:

A good ga... oh, you almost had me there

krayzie said:

Yep... My account got hacked and hacker changed my dob so account gone for ever... Dumb asses won't even check ip logs etc

treeski treeski said:

I changed my password. Hopefully that's good enough...

chuckmeister said:

Yep... My account got hacked and hacker changed my dob so account gone for ever... Dumb asses won't even check ip logs etc

Yeah it happened to me as well a while ago... I created my account again with my email address.. then EA's garbage site wouldn't let me log into that for a while.. kept at it over the course of a week.. was able to login.. and get tech support on chat.. I had my e-mail receipt of a transaction and gave them all of the info and said this e-mail account was hacked prior to me creating it again.. they asked for my dob which was wrong.. but I refused to take no for answer and eventually they ported everything to my account again. What a mess of a system.

treetops treetops said:

Probably the same people that hacked those d3 accounts.

Guest said:

My EA Account always disconnected me (said I am offline) since last sunday and it became very frusturated when playing ME3 MP. Endup I login and changed my password to a much more complex and I am not getting disconnection during games or suddenlly it goes offline (EA Origin) on the desktop.

I suggest everyone login and change their password.

PinothyJ said:

Let me see if I have been hacked...

TS-56336 TS-56336 said:

Done, changed. I only have two games on Origin but I wouldn't let this one get way with it.

Darth Shiv Darth Shiv said:

Yep... My account got hacked and hacker changed my dob so account gone for ever... Dumb asses won't even check ip logs etc

Happened to a friend. He filed a credit card charge dispute for the original purchase and then EA came to the party.

Darth Shiv Darth Shiv said:

Probably the same people that hacked those d3 accounts.

Because they are the only hackers in the world?

HaMsTeYr HaMsTeYr said:

Yep, happened with my Origin account, but like 2-3 months ago.

My Battlefield 3 account was hacked into, had it's name changed, the registered email changed, essentially everything on the block. I talked to EA Games though, and I got my whole entire account back (I gave them hard evidence proof that they belonged to me, Physical Copies of the games with their codes and and order numbers and receipts printed, as well as a bank statement beside them. Irrefutable proof).

Since I'm one of the survivors of this stupid aftermath, that's what I can advise to many of you.

And yes, I know that EA/ Origin is terrible, but atm there's no other way to play Battlefield 3, so... meh.

Guest said:

I guess I'm glad I didn't buy battlefield 3 then

Guest said:

I haven't used my EA/Origin account in a very long time, will have to check it out and change password.

Guest said:

So, this is the fifth time in one year I've had to create a brand new Origin account using yet another gmail address. EA is banned forever from my household. I purchased one title through Origin - never again. My kids can move out if they want anything EA... ever again.

avoidz avoidz said:

Here we go again... I feel safer if I just delete the account and never use it again.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.