Hacked after someone accessed my runemate account

Discussion in 'Discussions' started by sydney1411, Jul 22, 2016.

  1. Hey, just logged in to find my account hacked (even dropped my untradables rip). After looking through my email i saw that someone accessed my runemate account at 4am. I guess thats what i get for having the same pass for both like an idiot. So this is a dont be dumb like me PSA and have the same password for both accounts - s a d b o y[​IMG]
    #1 sydney1411, Jul 22, 2016
    Last edited: Jul 22, 2016
  2. rip

    never had a problem with it before :p have no idea how they got this password in the[​IMG] first place.
  3. Someone probably who looks at the passwords and information data who controls runemate probably was trying out to see if they're the same as emails lol
  4. What? Obviously your password for a different site was leaked and they just tried it to login with runemate too and voila. This is why you should always have two factor authentication enabled.
    Defeat3d likes this.
  5. Use TFA my man.
  6. yea, def gunna use tfa from now :D at least i only started playing a couple months ago so i only lost 15m. cant imagine if i actually had years invested into this.

    i dont imagine it got leaked on another site. im pretty new so im not involved in any rs related stuff outside of this so for them to try runemate specifically seems like 1 in a million. but then again i guess its possible :p
  7. Use this website to check any of your email addresses to see if they've been exposed in a database leak/hack:
    Have I been pwned? Check if your email has been compromised in a data breach

    I've been caught out before where I've had the same password for multiple websites. One of the websites had their database breached, and the hacker(s) then tried that password on multiple websites to see if they could get a match. Luckily, two-factor authentication stopped them ;)

    Now all of my passwords are managed with a password manager and every website has a unique and much more secure password.

    Not quite sure how your statement fits in here?
  8. I'd rather check if your computer isn't rat'd.

    Edit: This is gmail, usually it blocks access from new locations I think. He might have used your pc as a proxy :p
    #10 lnxepique, Jul 23, 2016
    Last edited: Jul 23, 2016
  9. If I were you I'd enable 2FA on my email as well, way too many sites can be accessed via email recovery.
  10. will definitely be doing that, along with a scan with my computer are there any other steps i should be taking. thanks!
  11. Just wrap yourself up, if you've got 2FA on all of your important sites, you should be alright.

Share This Page