Glad to report that they've identified the compromise and will be restoring my account.

Huge thanks to BigDataDude for examining my case himself.

I usually hate seeing these threads attempting to shame a company into action but I'm at a loss for what to do about losing 90k worth of items from my account. Even if I get no result then maybe a few people will take a look at their account security.

On Tues 4th July my gmail account was compromised, I don't use the same password for my glyph account but it turns out when google chrome saves your form entry passwords, you can access them all in plaintext from your google account.

Somebody used the password that was saved from accessing trion's website to log into my account. (Or requested a password change and deleted the emails, I can't be sure which).

On the 5th in the early afternoon I went in TS and someone was talking about how I had listed my epic ayanad flame shield for 50k, panicked I logged into archeage (glyph was logged into an alt account) and saw that the shield had been sold over the AH for 1000g and relisted. I went to log into my main but the password and email address had been changed. (And emails deleted from gmail, turns out you can't get them back even if you go to support).

That afternoon I contacted live support from a patron alt account and explained the situation, asking them to remove the shield from the auction to avoid giving the hacker a chance to launder and sell the gold from the sale.

The GM went through some verification questions and ended up asking for the IP address I used to create the account (during launch). Since it's crazy to expect someone to have a record of a dynamic IP from another house nearly 2 years ago I couldn't provide it.

After multiple tickets, repeated questions from GMs that obviously hadn't actually read my previous responses, ignored requests to escalate the case to a senior GM and giving a history of the account from what cards I've used to what the results of rng boxes were, they finally restored access several days later.

I had three tradable items worth anything and around 3000g, the three Items were a Divine Ayanad Meadow Scepter crafted by myself (Teajay), the Epic Ayanad Flame Shield also crafted by myself and a divine Delphinad Lake Shield crafted by a guy called Repe on Dahuta. All three have been taken, it looks like they listed my jewelry but it didn't sell, it was still in my inventory unequipped. There were 5 successful purchase notices in my mailbox of craftman's daggers leaving me with about 500g, the daggers were crafted by a player in Leviathan for 1053g. I'm not sure if that's an alt used by the hacker or just some goldbuyer so I'll leave the name out to avoid witchhunts.

They also used some of the credits on the account to change the character name...

A guildmate pointed out that they were even trying to sell the shield on Agent North's twitch stream. A user called TheHotSteppa was bragging about how he'll sell for 40k.

Because they had access to the gmail and passwords for more important things like paypal, I've reported the incident to the police and included the reference to my police report in my ticket with GMs.

Now after finally being escalated to senior GM Nord I'm just getting copy/paste stock answers about how they can't return any items or even reverse the character rename. I'm getting the impression that's all I'm going to get from them until I give up and go away. I'm not a huge whale by any means but I have spent a fair bit of money on my account (fucking £250 pegasus) and have had 3-5 paid patron accounts running for well over a year. I definitely paid them enough that I shouldn't be treated with the utter contempt I've had from them so far.

I realise that plenty of people try to scam for item dupes, but I doubt they contact support trying to get them remove items from the AH before they're actually sold or file false police reports about their emails getting compromised.

I'm not sure if posting this will accomplish anything, but I'm essentially out of options and the chance that someone might be able to offer some advice or that someone at TRION that actually gives a damn will see it makes it worth the time to type up.

I've since changed passwords everywhere and enabled 2factor auth on gmail and everything else that supports it. If you use google chrome you should at least get 2 factor auth on your google account or turn off saving passwords online, it's a ridiculous security oversight that I'm still kicking myself for not thinking about before.

tl;dr: Account hacked, bad support RNG.

edit: changed the date: US-UK date system got me mixed up when looking up the date of my first ticket