CHANGE THE CS SECURITY SYSTEM

[Darni]

I'm gonna just say I hope an announcement comes soon. I understand we got a few updates with a "more to be announced" tag line at the end, but if you've been called out in the past for not communicating (I was told some accounts were hacked years ago and there was also a communication problem then between staff & community members) and then you miscommunicate again people are going to not be as easily forgiving. I've been staying hopeful, but I'm not sure how much longer we are supposed to be holding out for an official announcement/statement/plan moving forward/ or anything else that could be posted. It was silly in the first place that people had to go through other community member's posts that were popping off because a ton of people got effected by like 13+ accounts being hacked. The only way you knew it was happening was people bumping threads, actively discussing it, or you were warned by some way outside CS and there are STILL players that have no idea this happened. I personally am hoping we get something within the week, but if they don't give us something I can just keep playing the game without trading or anything like that. /shrug

Edit: I also want to add I asked a staff member if they could answer a question on clarification on what happened (ex: if it was security breach or confirming it was another game like neopets that people used the same user name and password) and I didn't get a response and no one else posted after that because they seemed to be waiting for an answer from the staff who had been speaking in the thread. It's been over a week since I asked the question and I'd understand a "I can't answer that I'm sorry", but I got ghosted and that was quite frustrating adding to my discontent at the miscommunication

[*Icarus*]

I'm gonna just say I hope an announcement comes soon. I understand we got a few updates with a "more to be announced" tag line at the end, but if you've been called out in the past for not communicating (I was told some accounts were hacked years ago and there was also a communication problem then between staff & community members) and then you miscommunicate again people are going to not be as easily forgiving. I've been staying hopeful, but I'm not sure how much longer we are supposed to be holding out for an official announcement/statement/plan moving forward/ or anything else that could be posted. It was silly in the first place that people had to go through other community member's posts that were popping off because a ton of people got effected by like 13+ accounts being hacked. The only way you knew it was happening was people bumping threads, actively discussing it, or you were warned by some way outside CS and there are STILL players that have no idea this happened. I personally am hoping we get something within the week, but if they don't give us something I can just keep playing the game without trading or anything like that. /shrug

Edit: I also want to add I asked a staff member if they could answer a question on clarification on what happened (ex: if it was security breach or confirming it was another game like neopets that people used the same user name and password) and I didn't get a response and no one else posted after that because they seemed to be waiting for an answer from the staff who had been speaking in the thread. It's been over a week since I asked the question and I'd understand a "I can't answer that I'm sorry", but I got ghosted and that was quite frustrating adding to my discontent at the miscommunication

the data breach happened on another site where passwords were reused, if your worried about getting hacked change your password, if you wanna be extra cautious change your email password. if you didnt get breached on another site or if that account had a different password your account is safe. you can check if your info was breached here https://haveibeenpwned.com/ if it was just change your password on affected sites and you should be good to go.

never tell anyone your password, add symbols and capitol letters, and if anyone sends you a link that sends you to the same site but is asking you to login even though you already were dont login there, always check that the url is spelled correctly and your on the correct site to prevent phishing attacks

[Darni]

-snip-

See at first people were saying security breach, then a staff member said it was another site. I asked for clarification and got ghosted is more what I'm pointing at. My password has been changed already after I was hit with a reverse trade. My issue is again the miscommunication / lack of communication.

[Audrey_Bee]

they literally coded and added continued security updates mere days after another thread was made pointing out concerns, thats extremely fast. and with "We'll be announcing additional improvements soon.", if theres any site thats been paying attention to its userbases concerns right now its cs
thread in question:https://www.chickensmoothie.com/Forum/viewtopic.php?f=119&t=4876653

give em a sec to make more changes

big social media sites get data and password leaks all the time too, its a very common thing, you gotta do what you can to protect your own info too its just basic internet safety and if your passwords found in a data breach its as easy as just changing it.

^^ exactly. It seems the only thing people are mad about now is the fact there's been no announcement...
But we already know what happened, they're aware that we are aware, and now of a trade is reversed there WILL be an explanation. I'm not understanding why there's still an issue at all

[Darni]

they literally coded and added continued security updates mere days after another thread was made pointing out concerns, thats extremely fast. and with "We'll be announcing additional improvements soon.", if theres any site thats been paying attention to its userbases concerns right now its cs
thread in question:https://www.chickensmoothie.com/Forum/viewtopic.php?f=119&t=4876653

give em a sec to make more changes

big social media sites get data and password leaks all the time too, its a very common thing, you gotta do what you can to protect your own info too its just basic internet safety and if your passwords found in a data breach its as easy as just changing it.

^^ exactly. It seems the only thing people are mad about now is the fact there's been no announcement...
But we already know what happened, they're aware that we are aware, and now of a trade is reversed there WILL be an explanation. I'm not understanding why there's still an issue at all

I think people are upset at no announcement, no new security measure other than it does now update you when your information is changed (before someone could change your password and it wouldn't alert you that they changed it and you only knew you got hacked ONCE TRADES STARTED GETTING ACCEPTED), and that some of the suggestion threads were being locked over one person complaining out of a whole thread of people trying to giving constructive feedback or suggestions. Also they are completely valid in their frustrations and feelings especially since people went into debt for this entire debacle. This hacking thing went on about 5-7 days and there was no announcement during those 5-7 days. The only way you found out was you were reverse traded or you saw a post about it. There should have immediately been a mass email or something saying "If you use the same username/password for this site as other sites please update your password." After 3 accounts I would have expected something since A LOT of people can be effected by just one single account being hacked, but we're at like 13 accounts that were hacked and no complete update on what happened or is going to happen

[*Icarus*]

-snip-

See at first people were saying security breach, then a staff member said it was another site. I asked for clarification and got ghosted is more what I'm pointing at. My password has been changed already after I was hit with a reverse trade. My issue is again the miscommunication / lack of communication.

from my understanding it was a security breach, but it was from another site so both statements were technically true, they may not be able to answer your dm as it seems a lot of people are upset and worried, they probably have their hands full rn

while i agree with you a bit on the communication part, it seemed like a lot of people were worried about what might happen to their accounts and i wanted to help quell the fear an scaryness that can come up when breaches happen and try and prevent misinformation to the best of my ability, prevent some of the panic n stuff if that makes sense

[Darni]

-snip-

See at first people were saying security breach, then a staff member said it was another site. I asked for clarification and got ghosted is more what I'm pointing at. My password has been changed already after I was hit with a reverse trade. My issue is again the miscommunication / lack of communication.

from my understanding it was a security breach, but it was from another site so both statements were technically true, they may not be able to answer your dm as it seems a lot of people are upset and worried, they probably have their hands full rn

while i agree with you a bit on the communication part, it seemed like a lot of people were worried about what might happen to their accounts and i wanted to help quell the fear an scaryness that can come up when breaches happen and try and prevent misinformation to the best of my ability, prevent some of the panic n stuff if that makes sense

As stated earlier I posted this on a THREAD. This was not a DM to staff this was a public thread they were actively posting back and forth on. If it was a DM I would understand as they may be busy, but they were at the time of me posting actively in conversation on this thread. This is also not the first time miscommunication has happened when accounts are compromised. I also think people would be less fearful with an announcement and mass email saying this is going on. Leaving everyone in the dark hurt staff's relationship with the community a lot more than helped saved them from the fear of being reversed.

Edit: Realized this is getting more on the topic of communication than security. So I'll just end my statements with the same as before:
Hopefully we get an update soon and some more security features! :3

[*Icarus*]

they literally coded and added continued security updates mere days after another thread was made pointing out concerns, thats extremely fast. and with "We'll be announcing additional improvements soon.", if theres any site thats been paying attention to its userbases concerns right now its cs
thread in question:https://www.chickensmoothie.com/Forum/viewtopic.php?f=119&t=4876653

give em a sec to make more changes

big social media sites get data and password leaks all the time too, its a very common thing, you gotta do what you can to protect your own info too its just basic internet safety and if your passwords found in a data breach its as easy as just changing it.

^^ exactly. It seems the only thing people are mad about now is the fact there's been no announcement...
But we already know what happened, they're aware that we are aware, and now of a trade is reversed there WILL be an explanation. I'm not understanding why there's still an issue at all :/

I think people are upset at no announcement, no new security measure other than it does now update you when your information is changed (before someone could change your password and it wouldn't alert you that they changed it and you only knew you got hacked ONCE TRADES STARTED GETTING ACCEPTED), and that some of the suggestion threads were being locked over one person complaining out of a whole thread of people trying to giving constructive feedback or suggestions. Also they are completely valid in their frustrations and feelings especially since people went into debt for this entire debacle. This hacking thing went on about 5-7 days and there was no announcement during those 5-7 days. The only way you found out was you were reverse traded or you saw a post about it. There should have immediately been a mass email or something saying "If you use the same username/password for this site as other sites please update your password." After 3 accounts I would have expected something since A LOT of people can be effected by just one single account being hacked, but we're at like 13 accounts that were hacked and no complete update on what happened or is going to happen

do you expect the cs staff to immediately know this stuff is happening when the breach happened on another site and only affected a small amount of people? after they were aware something was happening,they needed to find out what was happening, then they needed figure out how to address it and create and then code updates to the security. 5-7 days is impressive.

[*Icarus*]

As stated earlier I posted this on a THREAD. This was not a DM to staff this was a public thread they were actively posting back and forth on. If it was a DM I would understand as they may be busy, but they were at the time of me posting actively in conversation on this thread. This is also not the first time miscommunication has happened when accounts are compromised. I also think people would be less fearful with an announcement and mass email saying this is going on. Leaving everyone in the dark hurt staff's relationship with the community a lot more than helped saved them from the fear of being reversed.

Edit: Realized this is getting more on the topic of communication than security. So I'll just end my statements with the same as before:
Hopefully we get an update soon and some more security features! :3

i think nick had posted smthn somewhere, might be on one of the other threads

edit: i think my last post mightve come off a bit more harsh then i mean i just realized bgdigb i speak really matter of fact sometimes wasnt intentding to sound rude

[reggyy]

do you expect the cs staff to immediately know this stuff is happening when the breach happened on another site and only affected a small amount of people? after they were aware something was happening,they needed to find out what was happening, then they needed figure out how to address it and create and then code updates to the security. 5-7 days is impressive.

It wasn't the speed in which they fixed the problem - the main issue was them locking threads discussing the problem and trying to figure out what was going on. Heck, they even were locking threads of people trying to help those regain lost pets + get out of C$ debt! Many people felt as though they were being dismissed by CS staff. Yes, they fixed it in a good time, I will give them that. However, their silence until they fixed it, and their lack of letting people discuss the situation is what made people so upset. There were better ways to go about it, is all.