Super unfortunate, I got the same response from stars but with an included paragraph which read something along the lines off fortunately we were able to retrieve the stolen funds. So i got all the money back that was transferred out.

Did you get any emails at all to say your funds had been transferred? I can't login to my stars account as its still frozen so I literally don't know what happened my bankroll if it was transferred to another player, withdrawn or spent on cash tables. It seems strange that stats were able to recover $16 but not it all. Thanks for the info

If the bankroll was transfered or cashed out you should have email about that. If not then it' probably dumped to other player and some was recovered.

surely if that's the case they should have been able to recover it all. Doesn't really make sense to be honest. I'll wait and see what they say but doesn't sound to convincing.

Can't they like track the history of your games accessed ? I mean maybe the hacker accessed your account and then jumped into a HU game with his own account and as Esa_Perse said dumped the money to his account.

>as I should have had additional security on my account

How? Like what? Should we all encrypt our entire PC's and run on VPN's that go through ten servers so we can't be compromised? Oh, hang on, that's what hackers who steal your credentials and money do. Would be interesting to find out what "additional security" they recommend for a phone user.

To me, it's cut and dried - someone logged in from another continent under your account, despite you having a strong password, they steal your money in an electronic transaction and Pokerstars say this transaction cannot be reversed to recover all the money? That is BS. It's an ELECTRONIC transfer. It can be reversed/cancelled. PayPal tell me this ALL THE TIME whenever I use them.

if you play on mobile or pc rule is the same, you need to have 2 step verification in form of pin or token.

if the money is xsfered to another account or attempted to be withdrawn they can stop that process and return funds. If the hackers dumps to an illegal account they cant return funds. If the hacker blows the money on the tables to legit accounts you will get nothing back, nor should you.
-as stars stated there were no failed attempts so your login was compromised (this is on your end)
- as far as logging in from other countries, people travel. if they got blocked from accessing their account when they correctly login just because they are in another country they would have way more support emails to deal with pissed off authentic users.

I think you're making a mistake in thinking that this is as simple as you imagine. It's probably not simply a matter of reversing a transaction.

For example - and I don't know what happened with your specific account - if the hacker logged into your account, and lost $200 to honest players at cash tables, should that money be taken back from the other players?

Leave aside the super complicated issue of imagining cash games with half a dozen players, who might change from hand to hand, and imagine the account only played heads up SNGs. What if the account won $200 from HonestPlayerA, and lost $400 to HonestPlayerB. What should happen then? Then, extrapolate that answer to the hypothetical situation of MTTs, cash games, where you might have dozens or hundreds of players who all won and lost money in an inter-related economy to your account, and so on.

These situations are complicated, and I'm not pretending that I have the answer here - but merely pointing out that in online poker world, there are a bunch of issues that you might not have previously considered.

Couple of side notes:
a)Just for the sake of clarity, I'm not speaking on behalf of anyone other than myself as an individual, and I have no information about this situation other that what has been posted in this thread.
b) My post here assumes that the money was lost at poker tables to honest players, unassociated with the hacking. Of course, if the money was transferred (either using the transfer function, or chip dumped) to an accomplice, then as much should be returned as possible.

This is only one possible scenario but not the only possibility. PS could be compromised on their end, probably least likely but not as impossible as PS would want everyone to believe. Could also be a man-in-the-middle attack. Where the data is captured between user and PS and the password is stripped out due to weak or compromised security protocols. This may actually be the most likely attack vector for anyone playing on the mobile app where there is an additional step that can be intercepted, that being the RF communication between the handset and the cell provider. The nature of mobile apps having to be small, code efficient and low processor load can result in trade offs with security.

The main point is the fact that the account was accessed with one try does not conclusively lead to the user being the one that was compromised.

My bank warns me that if I am going to travel that I should inform them ahead of time or my bank cards could be frozen when they are suddenly being used on the other side of the world. Pokerstars should use the same protocols. Your account is accessed from somewhere new, especially when great distances over small time frames are involved, then the account should be restricted until it can be verified it is the actual account holder doing the accessing. This step can be avoided on a one time basis by prior informing support of your travel plans or if you travel a lot then you can take on the additional risk of telling PS not to restrict your account by location. Protecting all users money should come before concerns of possibly pissing off travelers.

These are simple basic steps PokerStrars should be taking but refuse to do. They should also make two factor authentication through at least the PokerStars PIN mandatory rather than the option it currently is. Just speculating here but I can not help but think the reason they do not do this is that the PIN is subject to some of the same potential security weaknesses as your password and if they made it mandatory they would loose their automatic, "it's 100% the users fault", excuse they currently use. They claim that no PIN protected accounts have been compromised so my paranoid concern should not be valid if they are telling the truth.

The current situation is not acceptable, PokerStars could and should be doing more.

Of course not, Stars should cover it. Guy only ever logs in from Australia, plays and finishes a tournament, then suddenly logs in from Russia and dumps his account balance. If that doesn't raise an immediate red flag for security then what does?

No. It's the players' responsibility to keep their account safe. PokerStars has no responsibility to coddle adults. As has been said already, if Stars froze every account that traveled, there'd be a ****storm. People just need to be more responsible for themselves. At this point, it also could lead to a ton of freerolls against Stars when they "have" to return the money.

"Hello PokerStars,

Please send me the following:

1) All HH that were played on my account from inception until now.
2) A full login report of my account from inception until now.
3) A full transaction history of my account from inception until now.

Regards,

Ausguy"

Yh i got the standard cashier email saying they had authorised a transaction for a real money transfer to SN ... for x $$

So i emailed stars security immediately it took like 3 days to resolve, would have been sooner to be fair however i kept missing there call.

Anyone ever have issues with stars contacting them back? I'm waiting over a week now and have sent at least ten emails and haven't even received a response to any of them. Got my mate to email them regarding a different issue and they have responded to him in a matter of hours. Seems an outrageous length of time to be waiting for a response considering how serious the issue is.

That's normal for Stars now unfortunately.

You could try pm one of the reps on here if you haven't already.

If this is normal for stars it's an absolute joke. Leaving a customer wait a week over an issue so serious without even a reply to say they are looking into the issue. That's horrendous customer service by anyone's standards. How do i find a rep on this forum ? Thanks for the help

I think Keith is the most active one

http://forumserver.twoplustwo.com/members/370419/

My $0.02. If anybody from PS is reading - the following policy would help:
1. have an account flag "restrict my logins to my home country only"
2. set this flag by default for new accounts.
Not ideal, but much better balance of convenience and security than now.

If everyone does that, as it seems every irate player here does, then it will take them 10 times longer to reply to you

There seems to be a widespread mistaken belief that there's some technology that precisely determines where an internet user is physically located. There isn't.

Phones and Android are not so safe these days. It is pretty easy to secure your Pokerstars account, plus use a long password.

We're you using a public Wi-Fi connection on your phone to play on stars?