RU server accounts hacked – again…

Hello everyone,

so, remember that 300 gold for password change event on the RU server from last week? Now we know the reason. Wargaming RU VK page (VK means Vkontakte, it is basically Russian version of Facebook, very popular) reported the following:


Basically, someone (unnamed third party) got their hands on (probably hacked) WG RU database of several thousand account e-mails and leaked it. These players were immediately threatened by the loss of their account, hence the “change your password for 300g” event.

The accounts that were threatened were temporarily blocked in order to prevent their theft. This resulted in a massive whine on RU forums, because their owners thought they were being banned for no reason (one player from Ukraine even wrote to me to report the issue). For those “banned” this way: you can write a support ticket and get your account restored.

And yes, this has happened before – the first “300g for password change” event some of you might still remember was also a result of an account security breach on RU server.

23 thoughts on “RU server accounts hacked – again…

  1. For all i care they can have a security breach every month if they give 300g every time it happens. :-)

    • It’s not that fun if someone would do that on EU database. You’d lose all your tanks, progress, credits and gold. At best, you’d get a ban to prevent such disaster which you’d have to submit a ticket to get rid of it and we all know that in such event, it won’t happen overnight…. Trust me, if this is going to happen more often on RU, it will sooner or later come to us.

      I’m not comfortable with this RU data hack.

      • ExoNut, i would be worried if i ever heard of a gaming account of WOT type beeing screwed up in the way you describe by such a security breach.

  2. Sometimes I wish that someone would just start hacking WG EU database on a monthly basis… Gimme that gold! :D

  3. I am certain I speak for everyone that enjoys WoT when I say that we are just unbelieveably shocked by these developments and find them completely unexpected and unprecedented.

  4. And what about other servers players and their accounts on test server? Those aren’t in that database?

  5. Hacked again really?
    Passwords stored in plain text? People using 123456 too much? Pathetic.

    • even if the account passwords a single character, it’s WG duty to protect our accounts
      people have used debit/credit cards to buy stuff from WG and this is how they get rewarded? with piss poor security!?
      and it’s not the 1st time WG’s security gets breached

  6. If something like that happens on EU server, I guess they will want me to prove that its my account. How am I supposed to do that ?

  7. WG RU was __not__ hacked.

    “На одном из сторонних ресурсов…” doesn’t mean that an unnamed third party got their hands on the passwords.

    It means that a third party website which used WG RU authentication got compromised and only the e-mails and their corresponding user names were stolen. That is bad because someone who would like to steal a certain account now knows the associated e-mail address.

    • Interesting. So why are third party sites using WG authentication getting the e-mail address, as well as the user name?

      • For example i write comments here using gmail account. Therefore FTR is “third party site” using gmail, and many other, authentication. Mostly only email adress (name) is shared so there is nothing to worry about (usually).

  8. Blizzard has also problems with lot of stolen accounts so they issued their authenticator – generator of numbers like banks are using. Player must fill both password and generated number. Its save and the authenticator application is now free on cell phone. WG should start thinking about the same stuff.

  9. I do not know how many of you played WoW but same thing actually happened at Blizzard Company years ago,when they invented a thing named “authenticator” so they encouraged some people to buy the product otherwise their accounts will get closed ,due to suspicious activity.Same thing happening at WG now and i’m sure they will sell a device like this (or app for iOs or Android) to prevent such a thing,otherwise they will just simply ban your account because of “security compromise” issue.

    That’s how companies work now,leaving all the burden to the shoulders of their customers so they won’t take any responsibility when “something” happened to your account.

  10. Pingback: 15.1.2014 | For The Record