Got token-grabbed, the person who now has my account proudly shows my former connected accounts (with my full name on it), discord doesn't answer at all for 20 days.

Kasparov

• October 25, 2021 14:02

Hey. So I got token grabbed, did the usual ticket/support stuff, my issue got escalated since 20 days and I don't have a single response since.

The issue is : 

My paypal account /  CC was linked to my hacked account
My Spotify/Github/Twitter accounts are now showed with my full name on it.
I reached back to my account, the person who has it trolls and insults me over and over.


And... Discord doesn't answer, I send a new email every 5 days or so to get an update, but nothing ?

How is this acceptable, I understand that during a pandemic it's hard do anything support related. But god damn, instead of focusing on Nitro, they should focus more on their security.

Because in case you didn't know, if a user has your token, he can change your email + password + 2FA (and can remove it), and you won't get any link to revert the changes in your mails.

Please discord. Do something.

2

• 

  abasc

  • October 25, 2021 17:55
  • Edited

  same case here.

  I had phone and 2FA. All went garbage and lost my account. Support didn't respond after the auto message. Don't they get it it's urgent? I mean every minute lost is a potential new account compromised/phished!

  I had to warn my friends by phone but all the other servers I only know from online might get compromised too.

  At least put a delay when changing the email address this way we can react and use a link to reset password.

  This security flow is soooo broken, any script kiddy can play with it.

   

  Edit: apparently being nitro doesn't change a thing. even owning a community of 100+ member and being a bot dev. nice support

   

  0

Please sign in to leave a comment.