A few hours ago a friend complained about someone that has logged into his account. We thought it's just a strange random password fishing but another friend complained about it too and then the first one had another unidentified login even after a password reset.
The IP used to login is 188.138.40.87 which leads to a wow private servers collection site hosted in Germany.
Both passwords are secure so brute force is not an option. There is a topic here posted 2 hours ago in which is mentioned that many people can't login into their accounts.
So, warmane, if you are not testing in a strange and confusing way and there isn't an "inside person" that is doing this - your security is being compromised.
-
Member
Account fishing / Server attack / Strange way of testing?
-
Member
I had this happen to me as well. I got disconnected from lordaeron in-game, checked the website and it says i was last seen 1 minute ago from Germany.
-
Member
We were getting an IP from US when the realm crash so my guess would be that it's still the same IP but from different location so you shouldn't worry about it.
If someone tries to get into your account you'll see the message on your e-mail/phone if you have 2-step enabled, so don't turn it off and you're safe.
-
Member
Does that happen if someone else logs into the game under my account, or only the website?
-
Forum Veteran
Only website. Your ingame account is not protected by 2 step authentication.
That IP address belongs to logon server. Seems like they have made some changes related to logon server recently so it's in Germany not US now. That IP address will appear there when you connect to logon server but don't log on a realm. It usually happens when server crashes, you log back in but can't connect to realm yet.
-
Forum Veteran nÂș 69
Yep, it's the new logon server. You can confirm this by logging in but cancelling before connecting to a realm and then checking your account info. The associated website is openwow, which is also owned by warmane.
