I got one yesterday as well. Except mine didn't say it was a password change, but rather a change to the e-mail address of my account. Oh, and I also don't have a copy of GW2. I did have GW1 on that address, so I put in a ticket (after typing the address myself, of course), when I discovered I couldn't log in to the website with that address. The site said there was no account with the e-mail address, but it did seem to indicate that GW1 account should have been able to log in. That was a day ago and now after doing a little legwork, and finding the e-mail asking me to click the link to confirm the change of address in my spam folder with the exact same timestamp as the e-mail confirming it's been accepted, I've decided to redownload the GW1 client and see what happens. But I'm at PAX and my hotel has pretty crappy WiFi, so I'll have to check up on it in the morning.
If my account was actually stolen, my guess is there are two points to this hack. First, is that they are using some known list of e-mail addresses and passwords (I had a WoW account hacked three years ago that probably had the same password then as I used the last time I actually played Guild Wars). Second, they are somehow locating the key to confirm the e-mail address without actually accessing the e-mail (or they have mine and aren't showing any other indication of that, but my e-mail is most definitely under a different password than it was then.) The fact that web password changes are down right now seems to feed that theory.
Edit: Guild Wars downloaded to a playable state over night. GW client tells me the e-mail address is not recognized. And since I almost never delete any e-mails ever, I still have the original account activation e-mail from 2004 for my GW1 account. Still no word from ArenaNet.
Log in to comment