Ok this morning when i got up i noticed some had changed my password on my email(it a yahoo email),well i got in and changed it to something else,then i noticed they changed the passwords,to my origin,microsoft,sony,and steam accounts.
I have gotten the origin(but the security question was changed to one in chinese),and microsoft accounts back and passwords changed,i have also added my phone to my email,so hopefully it will make it harder for them to get back in,i even changed the password on the secondary email which is how i got back in,i also added my phone to the secondary email.
But when i try to change the password on my sony account it says invalid email,and they changed the email connected to my steam account, i have sent a support ticket,so hopefully i will get it back.
Any advice you can give me to go from here would be great.
I think the hacker was using a VPN,cause despite the fact that the security question is in chinese,according to the email i got from steam the IP that logged in was from greece.
Please help me i really want to get my accounts back to normal.
Well i thought that i did,but there is a small chance that i didn't.
With steam i do have the card info,i don't know where any of my games i bought at a store and activated on steam are,but i do have 2 games that i bought in steam,but also added them to my origin account,and i have the cd keys for them.
Online,not that i know of,offline,my cousin was kinda pissed when my sister(who i live with for now)kicked him out,but it would not explain why the security question is in chinese.
Weird, I filled out a lost steam account and wasn't able to retrieve it with the card that was present on it. I was forced to use a game that I purchased from GOG a while back (which I had forgotten I bought).
You can prevent this if you use two step verification, which is not taught to most people. Two step for email sends a text to your phone. Two step steam and everything else usually sends and email. Dropbox and others offer both (one or the other; email or text). For sensitive accounts I always use text. For anything else I use email. Also encrypt your phone if you can (in case it gets stolen or lost and found).
Usually the people closest to you are the ones who may be in control of your account, I'm not saying be suspicious of everyone close to you, but just keep it in mind.
With steam support, don't wait around they take ages. You could instead ask one of your Steam friends (if you can get into contact with one) to talk with this person (see if something can be done). Try the different recovery options available for all the accounts.
I also wouldn't recommend using Yahoo at all, but first just do one thing at a time to try and solve this problem. To stop this from happening again, use stronger passwords next time, be careful with whom you give information out to, be careful what sites you visit, use a VPN, etc. All the usual stuff.
Well the only friends i had on there were either family i live with,or coworkers,and some old friends i gamed with for a while,i gave none of them my password,the only place that would know my steam password is the Raptr app(which is with AMD now so i don't think they did it lol).
The only other people i know in person that knew the password was my brother in law,and mabye my older cousin,who my sister kicked out,but that would not explain why the ip that got in,was across the world.
Well. The only thing i can really recommend to you is to regain control of your account, somehow, and migrate the email to a NEW hotmail account. I wouldn't recommend to reuse Yahoo, but you can if you wish. And also change the password to something aleast 10 digits for a while, at least a month until they lose intrest in trying to get into your account, then change the password to whatever you want.
To avoid getting hacked in the future I recommend using a password manager like LastPass. Make sure that your master password contains a lot of characters and isn't known by anyone but you. This means that you can have random passwords for all of your accounts and you won't need to remember them as long as you're logging in on your own computer. Also, this way if a website is hacked and people's account details are leaked, you won't need to worry about changing multiple passwords.
This works, but you still are vulnerable to hacks aslong as data is kept on a computer. You should have a piece of paper with your passwords in your wallet. Two step verification is much better than simply using a password manager. It requires a password and then a second method of verifying you as you. Why do you think Russia is still using paper in their government for sensitive information?
Running along those lines, Gmail logs your "Normal" IP Addresses general location, and automatically rejects login attempts coming from other countries.... Untill you verify with them that it is actually you.... What they also do, in the event this happens, is send you an email letting you know the IP Address that attempted to log in to your account and that IP's "general" location....
Especially good if youve got your mobile number linked to your account, as they txt you to notify you within around 30 seconds of the attempt....
Great to hear. You need to run a MalwareBytes check on your machine, a full system scan with a virus software and change absolutely EVERY password you have then setup 2 step validation on everything that will support it. You really wanna check for keylogging malware and such and I believe MalwareBytes is your best bet unless others have suggestions too.