Due to an increase in players losing access to their accounts, we'll be sending out emails to all active accounts in the last 3 years to change their passwords. Some players may have to contact support to prove ownership of their account due to suspicious activity.
This forum thread has been created for you to ask questions regarding this subject and so all information is in one place for other players.
At GamersFirst we work hard to provide a safe, fun environment for all our players. To ensure the security of your account, we are preemptively forcing password changes across much of our player base. To change your password, please login to the GamersFirst website which prompt you to change your password. When selecting a new password, please do not re-use a prior password or a password you use on another website.
This action is being taken due to a spike in account compromises and in-game item thefts targeting older GamersFirst accounts. After changing your password, we encourage you to login to APB Reloaded to verify the contents of your characters and their inventory. If you believe there are any issues with your account, please contact our technical support for assistance.
We do not believe any GamersFirst servers or databases have been compromised. Instead, we believe the attackers are utilizing e-mails and passwords leaked in one of the many large data breaches that have occurred over the years from third-party websites and services. Examples of these breaches include: Yahoo, Adobe, LinkedIn, as well as numerous gaming websites. These kinds of attacks are unfortunately common for all large websites and services as users routinely use the same e-mail and password across every site.
Going forward, we recommend all players follow these guidelines for account security:
Use a complex password with a minimum length of 8 characters. Our change password form provides a strength indicator along with suggestions for making your password stronger.
Do not share or use the same password across multiple websites or services. This reduces the damage from any one site being breached.
Use a password manager such as KeePass, 1Password, or LastPass to generate and store your passwords.
Enable 2FA authentication (one-time codes, SMS, or e-mail verification), if supported by the website or service. We do not currently support these options but are working toward implementing them due to this incident.
Sign up and use a service which will notify you if your account has been identified as part of a data breach. A popular website is the “Have I been pwned?” service operated by Troy Hunt, a Microsoft Regional Director and cybersecurity expert.
We will be posting this notice and engaging with our player community on our forums. Please feel free to reach out to us there for further information or contact our support.
The GamersFirst Team