I think someone may have been using my account

I recently got an email saying I had purchased 2 things using Coins. I haven’t used this website in ages, but can I find out the location of where these games were purchased from?

email help@chrono.gg this did happen a while ago with Insurgency and a couple other games:

https://206.81.1.216/t/i-have-recieved-an-insurgency-code-even-though-i-did-not-bought-the-game/6033?u=nebula7

If it is happening again people probably need to change their passwords.

1 Like

Yeah, I have changed my passwords and I’m going to every website that I can remember and changing those too. Pain in the butt but oh well.

I’m more interested to know what area of the world this purchase was made from if that’s at all possible. I’d like to know where the “hackers” are coming from.

1 Like

It’s prob from a dump. If you use the same password as websites that have been hacked before, your email:password pair may be publicly available and they try every pair from there.

You can check your email here: https://haveibeenpwned.com/

4 Likes

Sorry to hear. When your account is compromised then it’s annoying as you don’t know what they’re doing with the account, other than abusing it.

This is kinda why I requested optional 2FA for accounts here. As currency in whatever form leads to some abuse.

2 Likes

There wasa pretty big- massive dump of email addresses from a spam marketing list right around the time of the Insurgency buys. May not have had anything to do with it, but these days with a lot of the hashed dumps out there most passwords have been cracked. All someone has to do is match the first credentials from one dump to another when they have the unencrypted info from one. Don’t even need to crack the hashes anymore.

Using different passwords is more important than ever.

1 Like