Tweet
There has been a recent outbreak of unauthorized third-party access all across the internet. It should not come as a surprise that PlayOnline and FINAL FANTASY XI users have also been targeted and harmed by unauthorized third-party access.
Due to the current situation, the FINAL FANTASY XI development and management teams looked into expanding the policy dealing with unauthorized access for users who have had their accounts accessed by third parties. Today, the new policy and its corresponding support services went into effect.
The primary changes to the policy include the addition of relief measures according to a management team's investigation, a likely increase in support response times, and a larger selection of recovery points for players whose game data has been lost.
In addition to the policy changes, details regarding preventative measures for dealing with unauthorized access and procedures for recovering one's account are also included on the page.
Unauthorized Access
Unauthorized access refers to a third party (someone other than the actual account user) accessing an account without permission and/or using information somehow obtained from the user). This is not only a violation of the PlayOnline User Agreement, but may also be a criminal act in violation of the law.
Even if someone who has had an account accessed by a third party manages to take it back and successfully log in, it is not uncommon for items, gil, or even characters to be altered.
The following guidelines set out preventative measures to safeguard users from unauthorized access, as well as procedures for recovering a user account in the case that it is accessed by a third party.
Preventative Measures Against Unauthorized Access
The following are preventative measures to safeguard users' account information from malicious third parties.
* Do not share your PlayOnline ID or password with anyone, even if you are close friends. Do not keep a paper copy of your PlayOnline ID or password in an easily accessible location. Remember that Square Enix will never ask a customer for their password.
* If you are using a shared computer or any other system that a third party may also use, be sure to use “Guest Login†so that your PlayOnline ID and password are not stored or accessible to other users.
* Do not click on suspicious links when viewing the web. Also, do not use third party, unauthorized “helper†programs, because they could result in account information becoming compromised. Periodically run Windows Update, virus checks, and keep your security updated to the latest version.
*There are cases where users' information has been compromised, even with virus software installed and tight security in effect. Please be careful. Do not assume that you are protected from programs which compromise account information. Virus software will not always be able to prevent all unauthorized access.
* When deciding your password, avoid strings of characters that are easy to guess. Periodically change your password.
* If you become aware or feel that someone has obtained your PlayOnline ID or password, please immediately change your password or contact the PlayOnline Information Center for assistance.
Square Enix's Countermeasures for Dealing with Unauthorized Access
As set out in Article 5 of User Responsibilities of the PlayOnline User Agreement, management and security of one's PlayOnline ID and password is solely the responsibility of the user.
If you think that the account has been accessed by an unauthorized third party, please first contact the PlayOnline Information Center. We will perform our own internal investigation to determine whether or not there was unauthorized access, and do so as quickly as possible.
PlayOnline, at its discretion, may provide two kinds of assistance for customers whose accounts have been accessed by third parties: “account recovery†and “game data recovery.†Both of these may be provided based on the results of our own internal investigation. “Account recovery†removes the disciplinary measures history for the period that the account was being accessed, as well as fixing the password changes and other data that was altered during the period of unauthorized access. “Game data recovery†restores an account's game data to the state it was in before it was altered through unauthorized access. Game data recovery, however, can only be requested once per customer. (Multiple accounts can be dealt with on a single recovery request).
Procedures for Account Recovery
If you are unable to log into the account, you can log in to the account but items have disappeared, or you suspect that the account may have been accessed by a third party, please contact the PlayOnlineInformation Center. After your situation has been assessed, we will proceed to one of the two procedures outlined below.
Account Recovery
“Account Recovery†involves returning a compromised account to the original registrant of the account. An additional measure to the account recovery process is deletion of disciplinary measures that occurred during the period that the account was considered compromised.
[ Step 1: Contacting the PlayOnline Information Center ]
Please contact the PlayOnline Information Center by telephone or through our web chat system. We are unable to process account recovery request through email inquiries. We will work with the original registrant of the account to reestablish access to the account. This process will include identifying key pieces of information on the account and possible identify verification through a third party (Notary Public) should the original registrant not be able to identify all necessary information.
If you become aware of unauthorized access outside of the PlayOnlineInformation Center's hours of operation and possess multiple PlayOnline IDs, log in from another PlayOnline ID and contact a Game Master (GM). The GM will make the accessed account temporarily unavailable. However, please note that a GM cannot perform account related actions such as changing one's password, so it will be necessary to contact the Information Center when they re-open.
https://secure.playonline.com/supportus/index.html
[ Step 2: Verifying your PC's Safety ]
It is possible that a third party accessed your PlayOnline ID and password through a virus or spyware that had infected your PC. If your PC is infected with such programs and you enter the new password you received from the PlayOnline Information Center, the account could again be accessed by an unauthorized third party.
Update your security software to the latest version and perform a virus scan. If your computer is infected with any viruses, exterminate them immediately and then change your PlayOnline password once again.
After you log in to the account, check whether or not the game data has been altered.
*Deletion of the disciplinary measures history will occur after PlayOnline's internal investigation.
Game Data Recovery
If you discover that the game data has sustained any problems due to unauthorized access, please contact the PlayOnline Information Center within 7 days of your account's recovery. Game data may be recovered for customers who fulfill the following two requirements.
* You have not had your game data recovered since April 23, 2008.
*Game data recovery is different from item recovery where you request the return of lost items.
* It is still within 3 months of your account being accessed by an unauthorized third party.
[ Step 1: Contacting Square Enix ]
Please contact the PlayOnline Information Center by telephone. If the line is busy or it is outside of the hours of operation, please contact a GM through a GM call.
[ Step 2: Agree to the Terms For Game Data Recovery ]
You will need to agree to the terms listed below (please read them carefully before contacting the PlayOnline Information Center).
Terms For Game Data Recovery
* By utilizing server backup data, the game data will be returned to its state before your account was accessed by an unauthorized third party.
However, we cannot specify exactly to which point in time the data may be returned. We also cannot return the data to a time designated by the user.
There are cases where, according to certain circumstances, the backup data isn't saved and game data recovery is not possible.
* Game data recovery can only be requested once per customer.
(Multiple accounts can be dealt with on a single recovery request)
* There are cases where your character's name may not be available due to a world transfer or other circumstance where another character with the same name already exists.
* You cannot use the account until the game data recovery has concluded (generally takes about one week).
* If it is discovered that you have made a false game data recovery request, action will be taken according to the PlayOnline User Agreement.
When the recovery work has concluded, we will contact you by e-mail.
Please verify that your registered e-mail address is up to date and is not set as your PlayOnline e-mail address.
* If we cannot find any evidence of unauthorized access through our internal investigation, the game data will not be recovered.
[ Step 3: Wait for Restoration Confirmation E-mail from PlayOnline ]
PlayOnline will contact you by e-mail with the result of the recovery once it has concluded. Recovery generally takes one week, but if you have still not received an e-mail after a week, please contact the PlayOnline Information Center.
Click here to view the compromised account policy.
Due to the current situation, the FINAL FANTASY XI development and management teams looked into expanding the policy dealing with unauthorized access for users who have had their accounts accessed by third parties. Today, the new policy and its corresponding support services went into effect.
The primary changes to the policy include the addition of relief measures according to a management team's investigation, a likely increase in support response times, and a larger selection of recovery points for players whose game data has been lost.
In addition to the policy changes, details regarding preventative measures for dealing with unauthorized access and procedures for recovering one's account are also included on the page.
Unauthorized Access
Unauthorized access refers to a third party (someone other than the actual account user) accessing an account without permission and/or using information somehow obtained from the user). This is not only a violation of the PlayOnline User Agreement, but may also be a criminal act in violation of the law.
Even if someone who has had an account accessed by a third party manages to take it back and successfully log in, it is not uncommon for items, gil, or even characters to be altered.
The following guidelines set out preventative measures to safeguard users from unauthorized access, as well as procedures for recovering a user account in the case that it is accessed by a third party.
Preventative Measures Against Unauthorized Access
The following are preventative measures to safeguard users' account information from malicious third parties.
* Do not share your PlayOnline ID or password with anyone, even if you are close friends. Do not keep a paper copy of your PlayOnline ID or password in an easily accessible location. Remember that Square Enix will never ask a customer for their password.
* If you are using a shared computer or any other system that a third party may also use, be sure to use “Guest Login†so that your PlayOnline ID and password are not stored or accessible to other users.
* Do not click on suspicious links when viewing the web. Also, do not use third party, unauthorized “helper†programs, because they could result in account information becoming compromised. Periodically run Windows Update, virus checks, and keep your security updated to the latest version.
*There are cases where users' information has been compromised, even with virus software installed and tight security in effect. Please be careful. Do not assume that you are protected from programs which compromise account information. Virus software will not always be able to prevent all unauthorized access.
* When deciding your password, avoid strings of characters that are easy to guess. Periodically change your password.
* If you become aware or feel that someone has obtained your PlayOnline ID or password, please immediately change your password or contact the PlayOnline Information Center for assistance.
Square Enix's Countermeasures for Dealing with Unauthorized Access
As set out in Article 5 of User Responsibilities of the PlayOnline User Agreement, management and security of one's PlayOnline ID and password is solely the responsibility of the user.
If you think that the account has been accessed by an unauthorized third party, please first contact the PlayOnline Information Center. We will perform our own internal investigation to determine whether or not there was unauthorized access, and do so as quickly as possible.
PlayOnline, at its discretion, may provide two kinds of assistance for customers whose accounts have been accessed by third parties: “account recovery†and “game data recovery.†Both of these may be provided based on the results of our own internal investigation. “Account recovery†removes the disciplinary measures history for the period that the account was being accessed, as well as fixing the password changes and other data that was altered during the period of unauthorized access. “Game data recovery†restores an account's game data to the state it was in before it was altered through unauthorized access. Game data recovery, however, can only be requested once per customer. (Multiple accounts can be dealt with on a single recovery request).
Procedures for Account Recovery
If you are unable to log into the account, you can log in to the account but items have disappeared, or you suspect that the account may have been accessed by a third party, please contact the PlayOnlineInformation Center. After your situation has been assessed, we will proceed to one of the two procedures outlined below.
Account Recovery
“Account Recovery†involves returning a compromised account to the original registrant of the account. An additional measure to the account recovery process is deletion of disciplinary measures that occurred during the period that the account was considered compromised.
[ Step 1: Contacting the PlayOnline Information Center ]
Please contact the PlayOnline Information Center by telephone or through our web chat system. We are unable to process account recovery request through email inquiries. We will work with the original registrant of the account to reestablish access to the account. This process will include identifying key pieces of information on the account and possible identify verification through a third party (Notary Public) should the original registrant not be able to identify all necessary information.
If you become aware of unauthorized access outside of the PlayOnlineInformation Center's hours of operation and possess multiple PlayOnline IDs, log in from another PlayOnline ID and contact a Game Master (GM). The GM will make the accessed account temporarily unavailable. However, please note that a GM cannot perform account related actions such as changing one's password, so it will be necessary to contact the Information Center when they re-open.
https://secure.playonline.com/supportus/index.html
[ Step 2: Verifying your PC's Safety ]
It is possible that a third party accessed your PlayOnline ID and password through a virus or spyware that had infected your PC. If your PC is infected with such programs and you enter the new password you received from the PlayOnline Information Center, the account could again be accessed by an unauthorized third party.
Update your security software to the latest version and perform a virus scan. If your computer is infected with any viruses, exterminate them immediately and then change your PlayOnline password once again.
After you log in to the account, check whether or not the game data has been altered.
*Deletion of the disciplinary measures history will occur after PlayOnline's internal investigation.
Game Data Recovery
If you discover that the game data has sustained any problems due to unauthorized access, please contact the PlayOnline Information Center within 7 days of your account's recovery. Game data may be recovered for customers who fulfill the following two requirements.
* You have not had your game data recovered since April 23, 2008.
*Game data recovery is different from item recovery where you request the return of lost items.
* It is still within 3 months of your account being accessed by an unauthorized third party.
[ Step 1: Contacting Square Enix ]
Please contact the PlayOnline Information Center by telephone. If the line is busy or it is outside of the hours of operation, please contact a GM through a GM call.
[ Step 2: Agree to the Terms For Game Data Recovery ]
You will need to agree to the terms listed below (please read them carefully before contacting the PlayOnline Information Center).
Terms For Game Data Recovery
* By utilizing server backup data, the game data will be returned to its state before your account was accessed by an unauthorized third party.
However, we cannot specify exactly to which point in time the data may be returned. We also cannot return the data to a time designated by the user.
There are cases where, according to certain circumstances, the backup data isn't saved and game data recovery is not possible.
* Game data recovery can only be requested once per customer.
(Multiple accounts can be dealt with on a single recovery request)
* There are cases where your character's name may not be available due to a world transfer or other circumstance where another character with the same name already exists.
* You cannot use the account until the game data recovery has concluded (generally takes about one week).
* If it is discovered that you have made a false game data recovery request, action will be taken according to the PlayOnline User Agreement.
When the recovery work has concluded, we will contact you by e-mail.
Please verify that your registered e-mail address is up to date and is not set as your PlayOnline e-mail address.
* If we cannot find any evidence of unauthorized access through our internal investigation, the game data will not be recovered.
[ Step 3: Wait for Restoration Confirmation E-mail from PlayOnline ]
PlayOnline will contact you by e-mail with the result of the recovery once it has concluded. Recovery generally takes one week, but if you have still not received an e-mail after a week, please contact the PlayOnline Information Center.
Click here to view the compromised account policy.
Comment