On the 13th and 14th May my moneybookers account was hacked and a total of ~$12k was stolen in 3 separate transactions over a 24 hour time period.
The account was first accessed on 11th May by an Indian IP address.
I have since been in contact with 4 other high stakes pros whose accounts were attempted to be breached from 9th -11th May (by random IPs e.g. Columbia and Vietnam), but unsuccessfully as they had security tokens. (These are the only people I know with MB accounts).
All my poker accounts are untouched, but now closed until this is resolved.
This cant be coicidence. My moneybookers someone tried to log in 2 times in first week of May. Never happened before. I requested the IP's , it was someone from USA and Chile. Moneybookers blocked any outgoing transfers since then and i had to change my email and password and now after 3days , them still not have unlucked my account.
****ing people try to breach moneybookers accounts. Hope they burn in hell.
Personally my advice to any of you whose accounts were breached would be to change any poker software password that may be the same as your moneybookers and be very careful with your registered email address.
In addition if you have lost funds your money should be protected under FCA guidelines unless you have been grossly negligent. Please see the link below for more information.
I also had a failed login attempt on May 6th. Found it weird, since I think it's happened only once before, perhaps some time in 2011 or 2012.
Have security token, obv. For what it's worth (others please correct me if I'm wrong), you only get that 'failed login attempt' email if the person uses your correct email address, but wrong password. In other words, I don't think it generates that email if you get the verification Captcha wrong, or enter the wrong RSA token #. Not sure what there is to do with that info but...well, i guess I didn't feel TOO vulnerable since I have the RSA token. OP, did you have an RSA token?
I honestly can't understand why ANY site or e-wallet that wants to be taken seriously in 2013+ would not offer one.
This is a really crappy situation. I'm sorry for those affected, and the rest of us should tread carefully.
I don't know the answer to the above question re: failed login attempts. However, one thing I do know for sure is that Skrill is among the e-wallets that DOES offer an RSA security token for all accounts, VIP or otherwise. It's free for VIPs, and 15 EUR for non-VIPs.
In addition, Skrill has a 100% Money-Backed Guarantee in case someone beisdes you access your account AND you're using the security (RSA) token. If OP wasn't, obviously he is not going to qualify for that.
For those interested...
The Terms and Conditions say this:
Skrill also has a similar policy for fraud on their Master-cards when Fraud occurs, which is a good thing.
There's more in clause 3.1 about this Money-Back Guarantee, but the main point is I'd encourage everyone, VIP or otherwise, small balance or large, to get a security token on their Skrill account. They only take 3-4 days to arrive once ordered.