Yesterday I've read a reddit post about a Splinterlands account that had been hacked through unknown methods. The aforementioned account owner claimed to have lost about $25,000 which is a huge amount money.
According to the account owner, he has no idea how his account got hack as he never clicked on any suspicious link or shared his account's private passwords with anyone -- not even with the members of his family. Moreover, he only discovered that all his cards and DEC got stolen and sold off by someone when he logged into the game.
The most concerning thing about the hacking though was the fact that his account wasn't the only account that got hacked. A few months back, another Splinterlands account also got hacked and lost everything. Moreover, if you search around Hive and other blogging site you'll discover that reports of other Splinterlands accounts being compromised wasn't rare at all which is worrying.
Now, accounts getting hacked wasn't exactly new. If you're using the internet then there's always the chance that you'll get hack. I, myself also became a victim of hacking when my Gmail account's password got compromised during a security breach several years back. If even a billion dollar company like Google could fall victim to hackers what more of a game like Splinterlands?
I won't be pointing fingers as to who was at fault as it's obviously not the Splinterlands' team or the accounts owners' fault but rather the hackers. But I would be pointing out that the account owner should have use the game's built-in security feature to secure his assets.
When I say built-in, I mean the games lock feature where players could lock their cards for the duration of their choosing. This great feature could allow players to safeguard their NFT cards against hacking as it'll give the account owners the time to react if ever they fall victim to hacking.
The reason that the hacked accounts lost everything was because they got too complacent and ignored the card locking feature of the game.
Of course we shouldn't ignore the fact that Splinterlands needed to update their security measures and add more security features like a 2FA authentication or something to lessen the risk of their player base's accounts getting hacked.
I'm aware that it won't be easy nor was there any assurance that the added security measures would even work but the devs should at least do something about security, right?
For the time being though it falls to us players to safeguard our in- game assets by using the built-in card locking feature and by changing our passwords from time to time.