Two Plus Two Publishing LLC
Two Plus Two Publishing LLC
 

Go Back   Two Plus Two Poker Forums > >

Notices

News, Views, and Gossip For poker news, views, and gossip

Reply
 
Thread Tools Display Modes
Old 03-17-2015, 07:32 PM   #1
Arcana
enthusiast
 
Arcana's Avatar
 
Join Date: Feb 2015
Posts: 55
Exclamation Many Pokerstars accounts hacked recently, Stars accepts no liability

We ask everyone who plays on Pokerstars to urgently use a PIN to protect their accounts.
https://www.pokerstars.eu/poker/room.../security/pin/
https://www.pokerstars.uk/poker/room.../security/pin/
https://www.pokerstars.com/poker/roo.../security/pin/

Many Pokerstars accounts are suddenly being hacked and the number is rapidly growing. Stars continues to deny any possibility of a leak from their end, even though nobody so far has reported anything other than their Pokerstars accounts hacked. Other poker/bank/email/social media accounts have not been hacked.
Those of us who have run anti-malware software have not detected any spyware or keyloggers.

It also raises important focus on the security of Pokerstars, as the changes in the cashout policies of Pokerstars have made it very easy for the hackers to accomplish their task. Some cashouts are not being reviewed anymore and are approved within 1 minute. On top of that, it has been made possible to cashout directly after making a deposit. To add to this list, all of this is done while missing the following red flags:
-A foreign IP address has entered our account from a country we never visited
-Used a different Neteller account than the one attached to our account, to make a deposit into our account
-Used a different credit card, than the one attached to our account, to make a whole series of deposits
-Depleted our FPP's by converting them into $
-Used this new Neteller to cashout
-Pokerstars refuses to give us the full account number of the Neteller used, making it impossible to trace the money.

Pokerstars then copy/paste e-mails us, informing us that the hacker knew our password "perfectly" and there were no failed attempts, followed by requesting that we deposit money into our account to cover the "fake deposits" made by the hacker's fake credit card. On top of the fact that we just lost our entire bankroll.

This case is almost identical to all the hacked accounts. In all of the cases, all the victims have received an e-mail from Pokerstars saying that our password has been compromised, putting the fault on us, giving the impression that it is an isolated case.

Quote:
Originally Posted by Pokerstars
Greetings from PokerStars.

Your account has been frozen as we have determined it was accessed from a foreign location without your knowledge. We have conducted a full investigation into your account and we believe that your PokerStars password may have been compromised.

Our facts to support this are as follows:

The logins to your account show no failed attempts; whoever accessed your account knew your password perfectly.

Computer finger printing technology is utilized by our Security Team in order to determine which computer your account was accessed from. In this case, our investigation concludes that your account was accessed from a foreign computer where no logins were previously detected from. It is therefore possible that your password has been compromised.

With regards to the bankroll in your account, unfortunately we have been unable to recover funds lost.

To conclude this matter, we would like to advise you that PokerStars will not be liable for funds lost on your PokerStars account. PokerStars will not be held liable for any losses as a result of insufficient security measures to ensure that your personal details remain secured. This is in accordance with the sections 10.2 and 10.3 of our Terms of Service which state your responsibilities as an account owner.
Since I made the original thread in Internet Poker about this around a dozen other people have came forward telling the story of how their accounts were hacked in the exact same manner. When we consider that only a small % of the Stars player pool posts on 2+2 it is entirely possible that the total number of accounts hacked could be in the hundreds.

In my case, my e-mail address is only used for Pokerstars, Full Tilt, and Holdem Manager forums (which I haven't posted on in years and it doesn't contain my PS username). When I google my PS username for the past 1 year, 0 results show up. I am practically a ghost, how could the hackers have found my account?
Also after my Pokerstars account was hacked, 4 minutes later, the hacker tried to enter my e-mail address but failed, indicating that he found out about my e-mail address from my PS account and not vice versa, and also showing that he did not know the password to my e-mail account (because my PS password is original and not used for anything else). It surely shows that they tried to enter my e-mail account, so the fact that none of our other accounts (Paypal/e-mail/etc.) have been hacked does raise suspicion, even though they were able to enter our PS passwords with 1 try.




As so many accounts have been hacked, there is a definite explanation to how they have been able to do it, though this is unclear just yet.

Below you will find a detailed summary of my case, and all the red flags that were missed by Pokerstars (it's almost identical to all other cases reported):

I am a ex-high stakes regular who has barely played for the past 4 years, my RSA token was cancelled a long time ago and as I didn't have a significant bankroll I didn't get another one. I hadn't logged into my account for 3 months (and haven't deposited for years), however it raised no red flags when:

-On 8:43 (CET Timezone) the hacker enters my PS account with a foreign IP address from Poland, a country I have never played from before.
-Makes a deposit of $10 into my account using a different Neteller account, even though I have used my own Neteller account for OVER 5 YEARS.
-Makes 69 purchases from the PS Store , converting 1000 FPP's into $10 each time, even though I have not made any purchases from the PS Store in years, and no one in their right mind would convert 69,000 FPP's, as a bronze star, because you will lose a lot of value.
-He requests to raise the deposit limit and Pokerstars approves it, without even doing a quick check whether a foreign IP is being used.
-Then proceeded to make 22 deposits (a total of 900 EURO'S) with a credit card that I have never used, even though I have used the same credit card for years. Plus, I've barely made any deposits since being a member, though apparently 22 deposits with a different credit card by a foreign IP raises no alarms.
-He proceeds to throw money away on the tables on games I don't usually play, even though more than 95% of my hands are played on HU SNG.
-On 10:10 CET he cashes out $800 to his Neteller account.

Quote:
Originally Posted by Pokerstars
Cashout request time: 2015/02/19 10:10 CET

Cashout amount: USD 800.00
USD 10.00 has been automatically credited back to your NETELLER account (4*******1509).
This amount is now available at NETELLER.
Credit transaction #1218445204

USD 790.00 will be credited to your NETELLER account (4*******1509) within 72 hours.
Within the same minute, on 10:10 CET, the remaining $790 is approved and credited to his Neteller account.
Quote:
Originally Posted by Pokerstars
Cashout request time: 2015/02/19 10:10 CET

Cashout amount: USD 790.00




USD 790.00 has been credited to your NETELLER account (4*******1509).
On 17:54 CET Pokerstars freezes my account and requests identification.

As you can see in the dates, the cashout was approved within 1 minute, even though it's not an instant cashout as the previous deposit only covers $10. Plus, Pokerstars refused to give me the full account number of the NETeller account that was used by the hacker to withdraw money from my PS account, making it impossible to trace the hacker.

When I asked Pokerstars to contact Neteller, they informed me that they did this on the 19th of February. However, in their next e-mail, they state that they contacted Neteller once I confirmed that the access was not authorized. However, this would mean that they contacted them on the 21st of February, as the 21st was the first time I contacted Pokerstars. So they have given 2 different dates in assuring me that they contacted Neteller.

Quote:
Originally Posted by Pokerstars
Neteller has confirmed that the funds are no longer in the Neteller account in question. If you would like more details regarding the Neteller account, please contact Neteller directly.
Though this is fruitless as they wont give me the full account ID of the Neteller account in question.

Quote:
Originally Posted by Neteller
We are sorry to hear what has happened to your PokerStars account. Unfortunately we are not able to retrieve the account as the transaction ID you have provided is not valid in our system. Please cooperate with PokerStars and have them contact us with the information so that we can assist regarding this matter.
Here is a link to my original thread in Internet Poker in which this issue was first brought to attention
https://forumserver.twoplustwo.com/28...acked-1513052/

Here's a quote from Pokerstars Michael J in the thread:

Quote:
Originally Posted by Pokerstars Michael J
Hi,

PokerStars can confirm that we’re aware of this thread and continuing to investigate the various issues raised. While we are unable to comment on specific situations, let us provide some additional context that might be informative more broadly.

-We are aware of no evidence to indicate that PokerStars’ database has been compromised, but we have alerted our internal security teams for their review as we usually do when such allegations are raised. It is worth noting in this context that the PokerStars database does not store a merely encrypted version of player’s password: it is hashed using a one-way formula (which is a form of one-way, irreversible, encryption). This prevents someone with access to our database from being able to decrypt a player’s password (although there’s no evidence that someone even got access to our password database). An accessible explanation of the differences between normal encryption and hashing (which we do) is available online here: https://danielmiessler.com/study/enc...ption_hashing/

-We believe that maintaining the security of player accounts requires a joint-partnership between both players and PokerStars. That’s why we invest in a whole range of strong security mechanisms on our end… but also why we enable players to make a decision about the level of security that they feel is appropriate for themselves. We do this by offering players things such as RSA Security Tokens, PokerStars PINs and SMS Validation. SMS Validation and PokerStars PINs are free to players to use, and SMS Validation in particular is specifically designed to mitigate the risk of unauthorised account access from new locations (such as what is alleged in this thread).

-One (small, but important) part of our security mechanisms includes automated emails to the account owners when their account is access from a new location for the first time. These emails have often reduced the impact caused by unauthorised account access.

-Finally, some players have made claims in this thread about “obvious” red flags that PokerStars should have identified. The activity described in this thread (such as accessing accounts from new locations, using new deposit methods and submitting cash outs soon after) are all very common activities, and a security system based around such mechanisms alone would have a significant number of false positives. This would cause many more innocent players to be caught by a system than actual security threats. In this context, this problem is called the ‘Base Rate Fallacy’ and an accessible explanation on this logic error is available online here: http://news.bbc.co.uk/1/hi/magazine/8153539.stm

Hopefully this explanation of the broader issues here is helpful.

Sincerely,

Michael Josem
PokerStars Communications Team
List of other people on 2+2 so far who have mentioned that their PS account has been hacked since the thread is up:
Cristos
boat2p2-2
burobest
shipppp09
Izzit
GreenDolphin
cianus
Spudhead
Muznik
Flashdancer
PWallis' gf
ZenX
Ohlongjohnson
Chopper104

We hope to reach as many people as possible now that this thread is in NVG. Hopefully this will prevent more people from being hacked (set your PIN up) and also allow more victims of the hackers to realise that what happened to them was not an isolated incident.

We ask everyone to provide the following details so that we can investigate this further:
Date & Time of 1st compromised:
Date & Time of last compromised

Deposit Details: (type of card and total amount)
Deposit Dates: 1st Deposit date/time and last deposit date/time
Withdraw Details: (what processor, details of the account - will say in w/d confirmation email, total amount)
Withdraw Dates: 1st withdraw date/time and last withdraw date/time
Country of your account (where its logged in from):
Country of Hack:
Is your password 100% unique:

Did your Full Tilt Poker account have an access attempt also: (To find out, login, then > Account > My Login History (Web)
Do you currently, or have you ever had a UK postal address on your PokerStars account:
Was your PokerStars account dormant (last used regularly more than 60 days ago):

It's worth noting that all the accounts so far seem to have a link to the UK. In my case, I lived in UK in 2011 and the address was added to my Pokerstars account.

A thank you to pmarrsouth and Spudhead for assisting me to write this summary.
Arcana is offline   Reply With Quote
Old 03-17-2015, 08:02 PM   #2
LostOstrich
Carpal \'Tunnel
 
LostOstrich's Avatar
 
Join Date: Jan 2008
Location: Head in the sand
Posts: 15,448
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

hoping to see some more reassuring replies from Stars than Michael J's offerings in the zoo thread. Specifically, I'd like to hear what Stars plan to do to in future when faced with two or more of the following:

- Account accessed from a new location
- Deposits from new payment methods
- Large cashouts to new payment methods
- Uncharacteristic activity at HU cash tables
LostOstrich is offline   Reply With Quote
Old 03-17-2015, 08:06 PM   #3
SrslySirius
Animated Character
 
SrslySirius's Avatar
 
Join Date: Jun 2010
Posts: 3,883
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Quote:
Originally Posted by Arcana View Post
Pokerstars then copy/paste e-mails us, informing us that the hacker knew our password "perfectly" and there were no failed attempts, followed by requesting that we deposit money into our account to cover the "fake deposits" made by the hacker's fake credit card. On top of the fact that we just lost our entire bankroll.
Is this still the case? When I first read the thread in IP I assumed they'd eventually backtrack on it.

What was it, pay $1,000 or your account gets shut down?
SrslySirius is offline   Reply With Quote
Old 03-17-2015, 08:08 PM   #4
Louis Cyphre
Carpal \'Tunnel
 
Louis Cyphre's Avatar
 
Join Date: Jun 2006
Location: Porada Ninfu, Lampukistan
Posts: 10,482
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Did any of those accounts use an RSA token?
Louis Cyphre is offline   Reply With Quote
Old 03-17-2015, 08:10 PM   #5
LostOstrich
Carpal \'Tunnel
 
LostOstrich's Avatar
 
Join Date: Jan 2008
Location: Head in the sand
Posts: 15,448
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

no
LostOstrich is offline   Reply With Quote
Old 03-17-2015, 08:11 PM   #6
PWallis
journeyman
 
Join Date: Mar 2014
Posts: 236
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Greetings from PokerStars.

Your account has been frozen as we have determined it was accessed from a foreign location without your knowledge. We have conducted a full investigation into your account and we believe that your PokerStars password may have been compromised.

Our facts to support this are as follows:

The logins to your account show no failed attempts; whoever accessed your account knew your password perfectly.

Computer finger printing technology is utilized by our Security Team in order to determine which computer your account was accessed from. In this case, our investigation concludes that your account was accessed from a foreign computer in Russia where no logins were previously detected from. It is therefore possible that your password has been compromised.

With regards to the bankroll in your account, fortunately there was no real money activity during this access.

To conclude this matter, we would like to advise you that PokerStars will not be liable for funds lost on your PokerStars account. PokerStars will not be held liable for any losses as a result of insufficient security measures to ensure that your personal details remain secured. This is in accordance with the sections 10.2 and 10.3 of our Terms of Service which state your responsibilities as an account owner.

---

That's the main part of the email my gf received. She has used the same computer as me and my account hasn't been hacked so make of that what you will.
PWallis is offline   Reply With Quote
Old 03-17-2015, 08:17 PM   #7
wheatrich
Carpal \'Tunnel
 
wheatrich's Avatar
 
Join Date: Sep 2005
Posts: 17,776
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

If you don't have the highest security you can on a site you'd be mad if you lost it; get that highest security, now.

That is all.
wheatrich is offline   Reply With Quote
Old 03-17-2015, 08:20 PM   #8
pissychips
veteran
 
Join Date: Jul 2012
Location: I sit here on the sideleines foldin
Posts: 2,030
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

What was your password?
pissychips is offline   Reply With Quote
Old 03-17-2015, 08:21 PM   #9
Arcana
enthusiast
 
Arcana's Avatar
 
Join Date: Feb 2015
Posts: 55
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Quote:
Originally Posted by Pokerstars
In regards to the unauthorized activities on your account (as per game play refers to), we have had our Poker Specialists inspect the nature of the unauthorized games in question. Our Poker Specialists has determined that the nature of the games in question was lost to legitimate players in various tournaments/tables without any calculative decision making. In other words, whoever played under your User ID had no intention other than to deprive the balance in your account.

In order to reinstate your account with a new password and PokerStars PIN, we would like to ask you that you please provide us with:

- confirmation of further deposit for the amount of $1,000.00 USD, to cover the funds deposited into your account via MasterCard, which may derive in chargebacks (these funds are debited from your account until chargeback is received, if no chargeback arrives, the funds are returned to your balance for you to continue using at our tables). If this step is not to be taken (as we understand what this represents), your account will remain frozen for 12 months from the deposits made, before it can be used again (however, should we received chargebacks, repayment of these funds is required before account full reinstatement).
I've a question for Pokerstars Michael J (this is the only question I have asked, so please answer it):

What happens when the account holder himself decides to use a fraudulent credit card to deposit $1000 and then cash it out through Neteller directly afterwards? Will you stop them? Or does your security have flaws, making it impossible to do so?


1) If indeed your security has flaws and you are not able to stop this, it means people can get away with stealing $1000 from your company easily.
2) If your security doesn't have flaws and you can stop this, then why did you not stop it in our case?

Worth noting here, I am not even talking about a hacker entering an account with a FOREIGN IP address raising all kinds of red flags in the process and then do a thing like this. No, I am talking about normal customers, being able to deposit with a fraudulent credit card and then cashing out soon after, never returning to Pokerstars leaving the company to cover the debts.
Arcana is offline   Reply With Quote
Old 03-17-2015, 08:24 PM   #10
DK Barrel
Concept of the Week author
 
DK Barrel's Avatar
 
Join Date: Aug 2011
Location: no gamble, no future
Posts: 6,155
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

You think it's possible that the perp is a pokerstars insider, or connected to one?

It seems to me these actions (depositing repeatedly, playing a little bit, making several small FPP purchases) are deliberate to avoid setting off security flags (and, interestingly, getting a cashout processed instantly.)
DK Barrel is offline   Reply With Quote
Old 03-17-2015, 08:46 PM   #11
dzapp
banned
 
Join Date: Dec 2014
Posts: 260
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

As a american i hope my account doesnt get hacked, ill never be able to play my homegames
dzapp is offline   Reply With Quote
Old 03-17-2015, 08:52 PM   #12
ZenX
journeyman
 
ZenX's Avatar
 
Join Date: Feb 2009
Location: Calgary, Alberta
Posts: 212
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

My case is slightly different in that I am Canadian, and according to Pokerstars security my account was accessed from Lethbridge, Alberta. ( Approximately 300kms from where I live.) Pokerstars security did an investigation and concluded that my account had in fact been hacked, but any money lost from fradulent deposits was my responsibility as I did not do everything in my power to protect my account. Even though I have never shared my password, never logged on from any device other than my own, and my account had a unique password.

The breach occured on Nov 24, 2014 in the Afternoon. I was playing on my cell phone on pokerstars mobile. I logged out after my session, and within minutes I received an email saying that my account was accessed by a new device. I wasnt alarmed at first, because before I was able to play on mobile there was a software update, so I just assumed that the new software registered my mobile as a new device. A couple of minutes after that, I received an email saying that my self imposed deposit limit of $20usd has succesfully been increased to $1500USD/Week. This was followed be six consecutive deposit request emails. 5 were Declined and one was approved. ( Transaction ID#1172093006 $181.45 USD - Approved#1172093188 $345.62 USD- Declined#1172093501 $95.04 USD - Declined#1172093853 $371.54 USD - Declined#1172094336 $181.45 USD - Declined#1172098486 $380.12 USD - Declined). Subsequent emails with Pokerstars security indicated that the deposits were done with 3 different credit cards.

Thanks to the fact that I got the emails from Pokerstars, I was able to contact them and let them know that my account had been breached, and after about 45 minutes they were able to freeze my account. I had approximately $38 USD on my account. The hacker played a $200 Hyper 6 max sitngo and lost, leaving my account with $22. Pokerstars deducted the amount of the fradulent deposit from my account leaving me with a balance of -$159.16. I was told that I would have to cover this amount if I wanted my account reinstated.

After all of this I carefully scanned both my computer and my phone and found no virus or malware. None of my other online accounts were comprimised at all. ( My full tilt account was suspended as soon as I reported the breach with Pokerstars, so I dont know if any login attempts were made)

I havent made up the short fall in my account, as I wasnt convinced that the security breach was not on Pokerstars end. I was also frustrated by the fact that I used the companies own responsible gaming feature to limit my deposits to $20 per week, and with just a single click of a button it was able to be increased by $1480. Whats the point of having responsible gaming features if they can be changed that easily? ( I had these limits for many months, apparently Pokerstars policy is that after 7 days you can change the settings. I wasnt aware of this. I actually thought that if you wanted to change them that there was a 7 day waiting period, which makes much more sense.) If they had respected the limits I had set, none of this would have happened.

I dont imagine that I will be able to regain access to my account, but I am hoping that this thread will flush out more people this has happened to, which in turn will cause Pokerstars to investigate these cases more closely. And hopefully the community can put pressure on Pokerstars to not put the burden of repaying fradulent transactions on their customers. ( After they investigate and realize that the customer was not at fault of course) And also to serve as warning for current Pokerstars users to use the extra security features available so that they dont have to go through this as well.
ZenX is offline   Reply With Quote
Old 03-17-2015, 08:52 PM   #13
TwoSaltyPigs
newbie
 
Join Date: May 2009
Posts: 40
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

It's problem.
TwoSaltyPigs is offline   Reply With Quote
Old 03-17-2015, 09:08 PM   #14
jh1711
No freakin title????????
 
jh1711's Avatar
 
Join Date: May 2012
Location: There is no box
Posts: 3,744
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Quote:
Originally Posted by dzapp View Post
As a american i hope my account doesnt get hacked, ill never be able to play my homegames
Did you read the TOS the friendly Stars rep linked. Even if you can only play for bragging rights, you're still liable for all the actions performed with your credentials. If a hacker convinces stars you moved and deposits fake dollars and runs, you get the bill.

Feel free to read their terms of service for play money customers.
jh1711 is offline   Reply With Quote
Old 03-17-2015, 09:10 PM   #15
TheJacob
veteran
 
TheJacob's Avatar
 
Join Date: Jul 2007
Posts: 3,487
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Sending an email when you log in from a new device isn't sufficient.

Even if you see the email immediately you likely won't get a response quickly enough to stop the fraud.

They should be sending a code to your email or phone. Also, I always remember there being some sort of review process for cashouts.

If I logged in from a new device, deposited, and tried to cashout I would fully expect an email from pokerstars asking me what the hell was going on.

You should be responsible for fraud on your account, but only if pokerstars is making a reasonable effort to protect you from the fraud.

They aren't.
TheJacob is offline   Reply With Quote
Old 03-17-2015, 09:18 PM   #16
jh1711
No freakin title????????
 
jh1711's Avatar
 
Join Date: May 2012
Location: There is no box
Posts: 3,744
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Sorry to read about your case, ZenX.

Quote:
Originally Posted by ZenX View Post
Pokerstars deducted the amount of the fradulent deposit from my account leaving me with a balance of -$159.16. I was told that I would have to cover this amount if I wanted my account reinstated.
Could you post the exact wording they used when they asked you to cover the negative balance. You can redact any screennames and personal info. I'm just interested if the emails implied threads that are illegal in some jurisdictions.
jh1711 is offline   Reply With Quote
Old 03-17-2015, 09:22 PM   #17
ZenX
journeyman
 
ZenX's Avatar
 
Join Date: Feb 2009
Location: Calgary, Alberta
Posts: 212
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Quote:
Originally Posted by jh1711 View Post
Sorry to read about your case, ZenX.


Could you post the exact wording they used when they asked you to cover the negative balance. You can redact any screennames and personal info. I'm just interested if the emails implied threads that are illegal in some jurisdictions.
security@pokerstars.com Nov 25, 2014
To
me
Hello Bruce,

Thank you for your reply. We have conducted a full investigation into your account and we believe that your PokerStars password may have been compromised.

Our facts to support this are as follows:

Computer finger printing technology is utilized by our Security Team in order to determine which computer your account was accessed from. In this case, our investigation concludes that your account was accessed from an IP address which traces to Canada from a computer where no logins were previously detected from. It is therefore possible that your password has been compromised.

During the access to your PokerStars account there has been a credit card deposits totaling $181.45. We will deduct this amount from your PokerStars account to cover the future chargeback we expect to receive. This will bring your PokerStars account to a negative balance of $-159.16. You must request a deposit to settle the outstanding balance before you will be able to play again.

To conclude this matter, we would like to advise you that PokerStars will not be liable for funds lost on your PokerStars account. PokerStars will not be held liable for any losses as a result of insufficient security measures to ensure that your personal details remain secured. This is in accordance with the sections 10.2 and 10.3 of our Terms of Service which state your responsibilities as an account owner.

In order to reinstate your account to allow you to deposit and settle the negative balance, we would like to ask you that you please:

1. scan / reformat your computer and remove any virus or malwares detected

2. change the password on your e-mail account.

3. provide us with a clear digital photo of you holding your ID document (please make sure your equipment is clean from keyloggers before sending, to avoid compromising). Please make sure that your full name, date of birth and the expiry date of the document are clearly readable.

You can send this to security@pokerstars.com

Finally, you may wish to visit the following link which offers suggestions on keeping your password secure and details about additional security features offered by PokerStars:

http://www.pokerstars.com/poker/room...ity/passwords/
http://www.pokerstars.com/poker/room...ecurity/token/

Your cooperation is appreciated.

Regards,

Bev
PokerStars Security Team
ZenX is offline   Reply With Quote
Old 03-17-2015, 09:39 PM   #18
Donkem
journeyman
 
Donkem's Avatar
 
Join Date: Feb 2014
Location: Close to donks
Posts: 359
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Quote:
Originally Posted by ZenX View Post
During the access to your PokerStars account there has been a credit card deposits totaling $181.45. We will deduct this amount from your PokerStars account to cover the future chargeback we expect to receive. This will bring your PokerStars account to a negative balance of $-159.16. You must request a deposit to settle the outstanding balance before you will be able to play again.
He gets robbed in unknown circumstances, and PS just assumes he s guilty and fines him. wow this is just beyond me.

Btw i think everyone should rate this a 5* thread to make it as noticeable as possible.
Donkem is offline   Reply With Quote
Old 03-17-2015, 09:53 PM   #19
Monorail
adept
 
Join Date: Feb 2014
Posts: 977
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Is it technologically all that difficult for sites to add an option that would allow a player to limit account access to a single IP? Seems like a piece of cake, no? 99% of the time I play from home...sites should allow me to restrict login access to my poker account from ONLY a single IP. I could toggle that option off if I knew I was going to be traveling or if I wanted to play from a different location. Some people have dynamic IPs, sure, but this would still be worth it for people playing from static IPs (or let people specify, I dunno, an IP range, or a specific ISP).

What am I missing? Isn't this easy, and while not bulletproof I'm sure, wouldn't it provide an additional and pretty comforting layer of security?
Monorail is offline   Reply With Quote
Old 03-17-2015, 10:02 PM   #20
young_bluffkin
journeyman
 
Join Date: Nov 2011
Posts: 297
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

WTF, how did Stars let the cashout to the new neteller account happen AND how the **** are they not cooperating with neteller to return the money to OP/ catch the people involved?
young_bluffkin is offline   Reply With Quote
Old 03-17-2015, 10:04 PM   #21
jh1711
No freakin title????????
 
jh1711's Avatar
 
Join Date: May 2012
Location: There is no box
Posts: 3,744
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Thank you for posting the entire email, Zenx.

The following quote and that they didn't mention any alternatives to paying the balance should be enough to get them into trouble. I'll consult with my colleagues tomorrow. Normally they do the law stuff, and I'm the IT guy.

"This will bring your PokerStars account to a negative balance of $-159.16"

Thanks again
jh1711 is offline   Reply With Quote
Old 03-17-2015, 10:47 PM   #22
Masq
Carpal \'Tunnel
 
Masq's Avatar
 
Join Date: Oct 2008
Posts: 13,717
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Lee Jones has nothing to say about this? He often appears in other Stars threads in NVG.
Masq is offline   Reply With Quote
Old 03-17-2015, 11:08 PM   #23
TheJacob
veteran
 
TheJacob's Avatar
 
Join Date: Jul 2007
Posts: 3,487
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

RSA tokens are great and I used one on FTP, but not everyone has them and there are other ways to secure accounts.

Treating a new device and location the same as an established device/location is negligent. This doesn't mean sending an email. That isn't enough.

You don't give that device the same permissions you do an established device. At least not until some sort of verification is done.
TheJacob is offline   Reply With Quote
Old 03-17-2015, 11:18 PM   #24
Benjola
journeyman
 
Benjola's Avatar
 
Join Date: Apr 2013
Posts: 336
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

Quote:
Originally Posted by TheJacob View Post

You don't give that device the same permissions you do an established device. At least not until some sort of verification is done.
This is what I thought the case was, apperently not, so now I'll just start checking my account every few hours like a paranoid idiot.
Thanks stars.
****ing ridiculous.

What's the point of sending me the 'account access from new device' warning email if you let that new device insta add new CCs and bank/Netteller accounts and even WITHDRAW FUNDS THE SAME DAY!
Wtf is going on here?

Last edited by Benjola; 03-17-2015 at 11:25 PM.
Benjola is offline   Reply With Quote
Old 03-17-2015, 11:18 PM   #25
Nevahascards
adept
 
Nevahascards's Avatar
 
Join Date: Mar 2008
Location: Mitigating disasters
Posts: 876
Re: Many Pokerstars accounts hacked recently, Stars accepts no liability

wtf stars

this is crazy
Nevahascards is offline   Reply With Quote

Reply
      

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Forum Jump


All times are GMT -4. The time now is 12:26 PM.


Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Copyright © 2008-2017, Two Plus Two Interactive
 
 
Poker Players - Streaming Live Online