大家好,

我们团队对最近账号被盗的调查得出结论,所有账号都是在Elysium创建的。目前我们还不清楚是什么原因导致账号被盗,因为我们大部分的账号都是从Elysium创建,所以我们推测数据是从LH之外泄露。我们开始审查我们的服务器和系统,确保账号数据安全不会再出现类似的情况。我们现在没有找到任何线索断定是LH的行为造成这样的情况。

 

盗号行为和RMT(现金交易)有密切的关联,盗取金币和材料换取现金。

 

为了安全起见,我们强烈建议玩家们修改密码,特别是那些在Elysium时期创建的账号虽然LH服务器数据是安全的,我们还是建议玩家们定期更改密码,这是维护互联网数据安全的重要的手段。如果玩家们有使用一样用户名、密码、电子邮件的习惯,我们强烈建议你最好每个账户使用独立信息。特别是电子邮件地址,因为电子邮件作为验证账号归属的唯一凭证,一旦一个账号被盗,那么使用同一电子邮件的账号都会有被盗号风险。

 

我们将在调查结束第一时间公布调查结果。除非发现直接证据,任何怀疑我们数据安全的推测都是无中生有。如果你发现关于LH的安全漏洞,请第一时间联系我们。

 

如果你ELYSIUM已经启用了2FA验证,我们建议你尽快移除,然后启用LH2FA验证系统。


Greetings,

 

After a somewhat lengthy investigation into a string of hacked accounts, we have been able to conclude that nearly every account in this investigation are ones that were created on the Elysium Project prior to the launch of the Light's Hope. It is unknown at this time how these these credentials have been compromised, but due to the high percentage of accounts being prior to our creation we can only speculate that the login credentials were leaked, stolen, or compromised from data outside of the control of Light's Hope. As a precaution, we have reviewed our services to verify this and will continuously monitor our systems to ensure that our own data integrity remains intact. We have no reason to believe at this time this is a result of any action on the part of Light's Hope, rather other parties that may have either had access to the data we inherited or currently still do.

 

These hacked accounts are exclusively linked to RMT (Real Money Trade) services, which empty the accounts of items and gold in order to stockpile for sale.

 

As a security precaution, we are urging users to reset their passwords across the board, especially if your account was originally created on the Elysium Project. We have no reason at this time to believe data integrity for Light's Hope itself is compromised but advise password changes regardless as a practice of good internet security habits. If you have a bad habit of reusing usernames, passwords, e-mails, etc. we highly encourage you to review those services and ensure you utilize a unique password for each system. This is especially important for e-mails, as entities like Light's Hope use your e-mail to verify your identity and a compromised e-mail account can and will lead to other services being taken over as a result.

The full report regarding the compromised accounts will be made available to the public once the investigation is complete. Until other parties can generate evidence that proves otherwise, any accusations that our own systems are compromised are false. If you believe you have a finding regarding our system security, we encourage you to share your findings with us as soon as possible.

 

If you have enabled 2FA during the Elysium Project and have not reset it since, we urge that you remove it from your account as soon as possible and re-apply it with via our account management control panel(edited)