You may have heard whispers, grumbles, and screams from Grand Theft Auto V [official site] players who found naughty strangers had somehow hijacked their Rockstar Games Social Club accounts, changing the password and recovery e-mail address. They were left unable to play online. Rockstar have sworn blind that they haven’t been hacked, rather that the bandits had used logins yoinked for other websites and databases that’d been hacked. Rockstar were slow to respond, but now have a plan to deal with it.
They’ve temporarily disabled the ability to change an account’s e-mail addresses, and say they’re trying to restore already-hacked accounts to their rightful owner within 24 hours.
A note on the Rockstar support site explains:
“We are aware that unauthorized attempts have been made to access Rockstar Games Social Club accounts using email and password combinations sourced from unaffiliated, compromised websites or databases elsewhere on the internet. For the accounts affected, we are in the process of reverting those accounts back to their original owners. As a result, the ability to change email addresses for Social Club accounts has been temporarily disabled … As a reminder, it is a good policy to ensure that the Rockstar Games Social Club account username and password is not shared across multiple websites on the internet. For accounts affected with this issue, we are working to respond to customers to reinstate full user access within 24 hours of contacting Customer Support.”
I have seen a few people say that they lost their accounts despite using a unique password for their Rockstar account, which is curious but doesn’t mean Rockstar were hacked.