Hey, just logged in to find my account hacked (even dropped my untradables rip). After looking through my email i saw that someone accessed my runemate account at 4am. I guess thats what i get for having the same pass for both like an idiot. So this is a dont be dumb like me PSA and have the same password for both accounts - s a d b o y
lol what did it say? xD If I may know? ^_^ hehehe Lol but wow same passwords? you gotta be....omg lol why would you have same pass's never do that!! I never done that before
Someone probably who looks at the passwords and information data who controls runemate probably was trying out to see if they're the same as emails lol
What? Obviously your password for a different site was leaked and they just tried it to login with runemate too and voila. This is why you should always have two factor authentication enabled.
yea, def gunna use tfa from now at least i only started playing a couple months ago so i only lost 15m. cant imagine if i actually had years invested into this. i dont imagine it got leaked on another site. im pretty new so im not involved in any rs related stuff outside of this so for them to try runemate specifically seems like 1 in a million. but then again i guess its possible
Use this website to check any of your email addresses to see if they've been exposed in a database leak/hack: Have I been pwned? Check if your email has been compromised in a data breach I've been caught out before where I've had the same password for multiple websites. One of the websites had their database breached, and the hacker(s) then tried that password on multiple websites to see if they could get a match. Luckily, two-factor authentication stopped them Now all of my passwords are managed with a password manager and every website has a unique and much more secure password. Not quite sure how your statement fits in here?
I'd rather check if your computer isn't rat'd. Edit: This is gmail, usually it blocks access from new locations I think. He might have used your pc as a proxy
If I were you I'd enable 2FA on my email as well, way too many sites can be accessed via email recovery.
will definitely be doing that, along with a scan with my computer are there any other steps i should be taking. thanks!
