.png)
4 months ago
3
(Small Update in Comments) I've played this game from launch, with 1231 hours on record on Steam. On June 27th (yesterday), a hacker attempted to access my Ubisoft account by guessing my password. I used a unique, randomly generated password and had 2-Factor Authentication set to my phone number so I was not concerned.
The hacker proceeds to message Ubisoft Support directly, asking for access into my account. Ubisoft Support sends them a link to verify ownership.
The hacker simply replies "Hi I got in on the one you sent to my Gmail not the old one", and Ubisoft Support prompts them to provide an email so that email can access to my account. Within moments, my 2-Factor is disabled, all account credentials are changed and I no longer have access to my account.
This blatant lack of security is astounding. Ubisoft Support bypassed all of the intentional safeguards on my account, and hand delivered my account to a fraudulent hacker, through something as simple as support tickets.
Upon sending a ticket to Ubisoft support for help, I was prompted to provide verification of my account. The verification option was already changed from my PC, to the hacker's Playstation. I asked support if there was any other methods to verify my account ownership, and I was told my case was closed due to a lack of ownership verification.
This is absolutely unacceptable. The immense security risks here, mean that any account can be breached, even with MFA serving as a key to the account. No account is safe with this type of system and support in place.
I'm going to keep at it, continually send tickets to Ubisoft as others have done, and do what I can to have this fixed. If not for my own account, but to find some semblance of accountability.
