Yes, I did pretty much everything I could after getting my account hacked. Changed all the pw, activated 2step verification everywhere possible and formatted my computer.

I would like to add one point to this good post, which is contrary to some advice and perhaps unintuitive to some:

If you have a decent password, and receive a failed login attempt email, DO NOT change your password. In fact, in general if you follow decent security practices, there's no reason to change or "expire" passwords at all.

This thread has been created to raise police awareness for a breach of personal data online.

I have been playing online for 7 years and had a MB account for 2. I have never had a single failed login attempt and my account has never been accessed by anyone else. My 3 other friends who have MB accounts have previously had 1 or 2 failed logins in the past two years and it seemed suspicious we all had failed logins/breach of accounts in the first 2 weeks of May.

Not a single one of my poker accounts or other website has been hacked of mine ever!

Based on the responses in this thread there has been a leak of our personal information, but the source is arguable.

I have the best antivirus/malware and no one has ever used my personal desktop but me. I have not played poker anywhere else, but my personal computer for the past 6 months.

It is virtually impossible to hack a computer and this was not an error on my end.

My passwords are not that same on all sites and I vary them for all message boards/poker sites.

If anyone who has had a failed login attempt or breach of account in the first 2 weeks of May could PLEASE CONTACT THE POLICE ON 0300 123 2040!!

This thread has not been made for people to feel sorry for me, but designed to find a solution for a serious breach of our private information and the police are the only people who could help with this. THEREFORE PLEASE PHONE!!!!!

Thank you

have a single lock in attempt from may via email

+1

I've gotten 2 e-mails of "failed login" from Moneybookers this May.

Edit: haven't gotten a single "failed login" e-mail in the 5 years before that

Had two attempts somewhere in the end of April/beginning of May, but too lazy to check the dates.

Does anybody know, if I have two emails set up on Skrill and the main one has 2 Step Verification and the other one does not, could this be a problem.

Haven´t checked, if the non-primary email can be used for pw resets as well.

(Un)Fortunately I can add that my Skrill is mostly busto.

Just to provide some information

I haven't received any failed log in mail and my moneybookers account is linked to a email account I use for NOTHING else (though the account itsself is pretty empty too).

So possibly something other than moneybookers was breached that a lot of poker players use?

Please share with us where else you have used this email address so we can sort it out together. Anyway no login attemps in my way.

Excellent.

I'd agree.

LOL.

Nothing should be eliminated as a possibility of course, but I'd say you're taking a pretty big leap here. Hard to believe that a hacker sits on the information all this time and just now tries to put it to use. I'm sure it's possible, but it seems pretty unlikely. As for a mod selling the info, only admins have access to this information in any kind of a list form. Mods can see registration email addresses on an account-by-account basis, so it is possible that one could be trying them one at a time, but this sounds like a pretty time-consuming process to try to get a lot done.

An easy way to eliminate 2+2 as a sole source would be to see if anyone has had a login attempt that uses a different address on MB than they do on 2+2.

I'm not sure whether to be more or less concerned that these are mostly single attempts. To me, that would indicate that they're not trying to brute force accounts, but are just guessing at one password. So I would think that either they have an email/password list from somewhere with which they're trying to catch anyone that uses the same combo at both, or they're just trying a simple password for everyone.

I think some of the most helpful information at this juncture would be from the two people that did have their account compromised. Were your passwords dictionary words that could have been guessed? The more information you can give us about what your password actually was, the better, but obviously don't share the actual password if it gives away anything private or is used elsewhere important (although I would hope you'd have fixed that by now if so), but maybe you can share info about it. If it's unique and unlikely to have been guessed in one or two attempts, did you use the same password anywhere else?

Actually, it's in between both of your guesses - it was a year ago last month.

First of all, I have no idea why I'd phone the UK police. Secondly, I think calling any police at all would be a waste of my time right now. I don't envision myself calling the police to tell them that I got an email saying someone attempted to login to my Moneybookers account when I can't be certain if it was someone entering the wrong email address by mistake (granted this seems unlikely given the spike in login attempts across the membership here), nor do I have the slightest clue who it could have been or how they would have obtained my email address, which I have used in hundreds of places and has been published in the media (in another capacity without any ties to poker and/or gambling). I think anyone who has had their account compromised should definitely contact the police, and anyone who thinks they can narrow things down a lot more specifically should consider it as well. And perhaps if we do a little work in this thread, we might discover some commonalities that make contacting the police more useful for all of us.

Aside from those whose accounts were compromised, I think the next most useful information would come from those who have had a login attempt and are certain they've used their email in very few other places. Information from people like me, who have used the same email address at dozens of sites, is going to be pretty useless. I have no doubt my email address is on a few gambling email lists that any of us can buy at a variety of sites, and obviously I'm not the only one.

I agree to an extent with the above.

My main concern is that this information leak has affected moneybookers accounts.

When 2p2 information was leaked 2 years ago, poker sites weren't hit, but 2p2 accounts were.

In this scenario the breach of information/data has affected our moneybookers accounts, so although it is easy to push this on an email+password list from a dotchy casino being leaked, then that doesn't explain why all those accounts weren't hit by the same hacker.

Every single one of my email addresses/online accounts/poker accounts - EVERYTHING is untouched apart from moneybookers, which has to be considered.

The reason I push for the police is that they will find the solution and breach and the more phone calls they receive the more pressing this issue becomes, but whether you phone or not is your prerogative.

I received a failed login attempt on the 7th May (never had one before) and the next day, Skrill support informed me that a breach had occurred. My account was locked. After changing password and emails, the account was re-instated and they qualified my account for a security token.

My balance was $0 at the time so hard to tell what would have happened otherwise. I'm currently not using Skrill until I get a security token, I feel my funds are safer on PokerStars where I have an RSA token.

And then there is Neteller, not sure what to do about security there.

:


:
Also, were your email or password the same as on 2+2?

So I found this thread on google after typing "moneybookers failed login attempts". I knew right away that someone was going off a username/password list from another website to try to "match" moneybooker accounts. So here's what we do to narrow down this investigation a bit:

Go to "My Account"..

Click "History" and choose the largest date range possible

Now everyone POST ALL THE MERCHANTS in your history so that we can cross check them with eachother to see which one is the most common.

Here's mine:

ultimatebet.com
idscr.com
wsex.com
plimus.com

which ones are on your lists?

I would like to add that I have NEVER had an account on twoplustwo.com

So this attack probably has nothing to do with these accounts

I just had this one failed try on my Moneybookers account today.

Just for the record my Moneybookers and 2+2 accounts email are different.

Just woken up and there was one attempt at my skrill account last night.

I also have RSA token.

When I get into my desktop I'll view the list of outgoing transactions but I feel like there will be a lot.

It's quite obvious to me that someone has an email list with thousands of names and he goes through the emails one by one as he hopes to find a mb account with a vulnerable password or potentially using the same password as the place he got it from.

Ultimate bet doesn't seem a bad initial guess.

I never played ultimate bet but I do agree we need to try figure out where this is coming from.

Lock poker? I mean lock are clearly the scummiest site out there atm.

No 2p2 password different bobo.

Please an internal investigation of which sites we have dealt with will get us nowhere.

My account was breached, funds transferred to another mb account and then withdrawn to a domestic bank account.

There is a clear paper trail which moneybookers have already declined to pursue and will not, but - the police will. After this is solved we will find the culprit instead of throwing out random website names and trying to play Sherlock Holmes in this thread.

Thanks. Email different than 2+2 as well? Password easily guessable?

This guy prob gonna try Neteller next so if you have an account there then maybe worth changing your password.

I use a programme called Keepass. You can download it here:

http://keepass.info/

It's a password manager that means you can randomise every single password that you use online so that you never have the same one for different sites. It will also pick a password for you with the parameters that you want so say for example 16 charachters with upper case and lower case and some numbers thrown in there it will design a password for you.

You need a master password to access the manager. You can also choose a random file on your pc like a picture of your dog for example as a second layer security so that you have to drag that file into the startup box or it won't open which protects against keyloggers.

You also copy and paste from the password manager so that you are never typing username or passwords on your pc.

It's a really effective tool that people like poker players should be using.

^^^- I have a neteller account already, which is unaffected.

Bobo I am by no means suggesting this was a 2p2 leak - I am not even hinting anything close to that. My email address is the same, but password is different and moneybookers password of course was not easily guessable. My 2p2 has never been accessed or affected by anyone else.

My moneybookers account is the only thing that has been accessed and affected.

Going round in circles like this will not lead us to any conclusions. From our end I agree with every post here surrounding password protection etc...

But due to the spike in logins/failed logins in the first 2 weeks of May (potentially only failed due to the RSA token), I believe there is a large chance our personal information has been leaked. The source is questionable, but as mentioned above only my moneybookers account has been affected.

Thanks for answering my questions, even though you think they're a waste of time. And I know you aren't suggesting it was 2+2, but I think it's wise to rule out what we can.

Your responses indicate to me that your particular situation has to be a case of your computer being infected with a keylogger or trojan of some kind, or Moneybookers actually being hacked. If you are using a unique and relatively secure password, how could an info leak explain it? Having your email alone doesn't allow anyone to get into your MB account with only a couple of attempts. If the password is unique and secure, it should take millions of guesses. Am I missing something here?

Bobo - As mentioned this password has been used very sparingly on some other sites.

I personally think an email and password list has been leaked. Whether this is from a poker site or moneybookers itself is arguable, but i'm virtually certain this was not a breach of my computer!

But it has been over a week since my breach and the only thing that has been impacted has been my moneybookers and nothing else. Assuming this information was from a poker site, wouldn't the first place you would look be the poker site/casino itself, hack the account drop funds to a number of fake accounts and move on??? Which is how a lot of scams online have happened, making it impossible to trace the funds as well.

In this scenario my funds were transferred to another moneybookers account and then withdrawn to a domestic bank account. There must be some sort of paper trail in this case, which the police can follow and find the root to the problem. In addition the spike in failed logins for moneybookers users who are using an RSA token and account breaches for users who aren't using a token in the first 2 weeks of May must also be an indication for an information leak

This thread has not been made to teach the public about good password security or to moan about my account being hacked. I want other people to post here about a failed login attempt or breach on their account and inform the police, who will be able to suitably trace the criminal and find the solution to this problem, because a 2p2 investigation will get us absolutely nowhere.

I understand how you think the elimination of possibilities may be able to corner a guilty party, but it will be probably be too little too late and unless the police are informed or this breach of our personal information as soon as possible the criminal would have hid his tracks and this will be forgotten.