In the event of a stolen account

[Eliwood407]

I just got disconnected from SL, and though it seemed to be a connection issue and not some one logging in on my account, it got me concerned about my account.

I connected an authenticator, but it does not prevent some one logging in on my account in the client.

My question is, should some one get access to my account, and cause harm like delete my inventory or transfer my L$ balance, is there a service that could help me rectify this?

[bigmoe Whitfield]

if you get logged out by some one logging into the account when you are on you get a message stating so.

 

 

did it on purpose just for you and others to see the actual message.

[Rolig Loon]

As with almost everywhere on the Internet, you are responsible for controlling access to your userID and password.  Refer to the LL TOS (sect 1.4), which spells out the limits of their own responsibility. Among other things, it says, "Your interactions with other users and your use of User Content are entirely at your own risk. Linden Lab has no obligation to become involved in any dispute that you may have or claim to have with one or more users of the Service, or in any manner in any resolution thereof."  So, use street smarts and be wary of fraud. There's probably not much LL can do for you.

Perhaps even more relevant to your question, sect 4.2 says, "You are solely responsible for all activities conducted through your Account whether or not you authorize the activity (except to the extent that activities occur because someone gains access to our system without using your identifiers and password). " What follows is specific language about what happens if you have given someone else access.  The section ends with a blanket warning that "We will not be liable for any loss or damage (of any kind and under any legal theory) to you or any third party arising from your inability or failure for any reason to comply with any of the foregoing obligations."  The bottom line here is that it's on your own head if you didn't safeguard your access information or if, heaven forbid, you gave someone access deliberately.

The closest that the TOS comes to answering your specific question is that "If you lose access to your Account for any reason, Linden Lab may, but is not required to, attempt to restore access to your Account by verifying your Registration Data."  They might or might not be able to help recover items that may have been lost or stolen.  In practice, I do know that they have been successful at recovering stolen funds, but I don't think anyone knows just how successful.

[Eliwood407]

20 minutes ago, bigmoe Whitfield said:

if you get logged out by some one logging into the account when you are on you get a message stating so.

 

 

did it on purpose just for you and others to see the actual message.

Yeah I should look at that window next time, it happened out of the blue and I closed it out before I thought to read it.

 

 

16 minutes ago, Rolig Loon said:

As with almost everywhere on the Internet, you are responsible for controlling access to your userID and password.  Refer to the LL TOS (sect 1.4), which spells out the limits of their own responsibility. Among other things, it says, "Your interactions with other users and your use of User Content are entirely at your own risk. Linden Lab has no obligation to become involved in any dispute that you may have or claim to have with one or more users of the Service, or in any manner in any resolution thereof."  So, use street smarts and be wary of fraud. There's probably not much LL can do for you.

Perhaps even more relevant to your question, sect 4.2 says, "You are solely responsible for all activities conducted through your Account whether or not you authorize the activity (except to the extent that activities occur because someone gains access to our system without using your identifiers and password). " What follows is specific language about what happens if you have given someone else access.  The section ends with a blanket warning that "We will not be liable for any loss or damage (of any kind and under any legal theory) to you or any third party arising from your inability or failure for any reason to comply with any of the foregoing obligations."  The bottom line here is that it's on your own head if you didn't safeguard your access information or if, heaven forbid, you gave someone access deliberately.

The closest that the TOS comes to answering your specific question is that "If you lose access to your Account for any reason, Linden Lab may, but is not required to, attempt to restore access to your Account by verifying your Registration Data."  They might or might not be able to help recover items that may have been lost or stolen.  In practice, I do know that they have been successful at recovering stolen funds, but I don't think anyone knows just how successful.

 

Yeah all but the last part don't apply to this, though I appreciate the added information.
I don't share my details with others, but as with any service account whether it be for a streaming service or a game, they are prone to be hacked.
2factor authentication is a great tool to prevent this, yet somehow LL neglects to add this to their client.

It strikes me as odd that a platform like SL does not have a proper or clear system on L$ theft through a stolen account.
Especially since millions of USD are transferred every month, and they have a clear audit and log of every transaction.

Perhaps I shall start a ticket to get some solid information regarding this.

[bigmoe Whitfield]

2 minutes ago, Eliwood407 said:

Yeah I should look at that window next time, it happened out of the blue and I closed it out before I thought to read it.

 

 

 

Yeah all but the last part don't apply to this, though I appreciate the added information.
I don't share my details with others, but as with any service account whether it be for a streaming service or a game, they are prone to be hacked.
2factor authentication is a great tool to prevent this, yet somehow LL neglects to add this to their client.

It strikes me as odd that a platform like SL does not have a proper or clear system on L$ theft through a stolen account.
Especially since millions of USD are transferred every month, and they have a clear audit and log of every transaction.

Perhaps I shall start a ticket to get some solid information regarding this.

LL has mfa,  the 3rd party viewers do not have it yet.   and it will be optional it has to be turned on your dashboard.

[Eliwood407]

1 minute ago, bigmoe Whitfield said:

LL has mfa,  the 3rd party viewers do not have it yet.   and it will be optional it has to be turned on your dashboard.

Oh cool! Thanx I did not know it was only on LL clients!

Edited June 20, 2022 by Eliwood407

[Rolig Loon]

15 minutes ago, Eliwood407 said:

I don't share my details with others, but as with any service account whether it be for a streaming service or a game, they are prone to be hacked.

This is true.  Regardless, though, a very high percentage of the problems that people report as "hacks" in SL turn out to be either clumsy handling of their own access information or deliberate sharing of an account with someone else. MFA is certainly a good way to protect against genuine hacking. In general, however, users would have many fewer security issues if they just paid attention to the TOS statements that were the focus of 2/3 of what I wrote above.  In a practical sense, what this tells me is that while there's a lot of low hanging fruit for crooks to go after, they don't have a lot of incentive to do much serious hacking.  Just playing the probabilities, if you guard your account properly, you are safer than you think you are.

[Odaks]

On 6/20/2022 at 3:04 AM, bigmoe Whitfield said:

LL has mfa,  the 3rd party viewers do not have it yet.   and it will be optional it has to be turned on your dashboard.

Just to update this situation, Firestorm's latest maintenance update, 6.5.6, now implements MFA on their viewer.

[bigmoe Whitfield]

1 hour ago, Odaks said:

Just to update this situation, Firestorm's latest maintenance update, 6.5.6, now implements MFA on their viewer.

Yep, I never updated my post, ty.

[Wulfie Reanimator]

On 6/20/2022 at 5:01 AM, Eliwood407 said:

It strikes me as odd that a platform like SL does not have a proper or clear system on L$ theft through a stolen account.
Especially since millions of USD are transferred every month, and they have a clear audit and log of every transaction.

All you need is to contact support, if your account is compromised and/or lindens stolen. The same support system that handles everything else. It's very simple rather than having a bunch of different systems for us to figure out.

For example, one of my counts lost 20K some years back, after someone logged in. I got it back within a couple days of notifying support with a simple "my lindens got stolen, this is the transaction number, undo pls."

[Lindal Kidd]

7 hours ago, Wulfie Reanimator said:

one of my counts lost 20K some years back, after someone logged in. I got it back within a couple days of notifying support with a simple "my lindens got stolen, this is the transaction number, undo pls."

You were very fortunate, Wulfie. The ToS states that the account owner is responsible for everything that happens with that account, and if LL wanted to strictly follow their own policy they could have done nothing. That's why it's so important to guard your credentials, and to report any suspected compromise as soon as possible.

In cases like these, there's also a phone number to call, in addition to submitting a ticket. The Fraud Hotline is 800-860-6990

Edited August 3, 2022 by Lindal Kidd