It’s no secret that Magic cards are worth a lot of money. It can be perplexing to some that a rectangular piece of cardboard could be worth the same as a house, but what if I were to tell you that online cards also have a ton of value? Over the course of a few days, something that was only about eight dollars can suddenly become more than $70 a piece, as was seen by the recent explosion in interest around Atraxa, Grand Unifier. This, understandably, has created a wave of hacks, causing players to lose their valuable collections. These have slowly become more commonplace, and Daybreak Games, which oversees Magic Online, is introducing additional security measures to help fight these MTG hack incidents.
Social Media Concerns Surrounding MTG Hack Incidents
Players losing their MTGO accounts to hackers isn’t exactly new news, but it does seem to be a growing concern. Players have started reporting more and more cases of their Magic Online accounts being hacked. As mentioned in some of the comments above, it’s easy for a collection to surpass $1000, especially since some of these accounts are over a decade old.
Unlike MTG Arena, players can trade cards between accounts on Magic Online. This has created a secondary market for MTGO cards that is separate but somewhat related to the secondary market for paper cards. Unlike paper, MTGO is affected by different kinds of scarcity issues and does not really care about the Commander format when evaluating card prices. Unfortunately, having a tradeable market on MTGO also creates the problem of hackers being able to trade cards to their accounts, cleaning out the hacked account for thousands of dollars in digital cards.
MTGO Security Updates
After affected players, understandably, requested two-factor identification to hit Magic Online, today’s update suggests that Daybreak Games is taking action to try and keep these hacking scandals under control. Two-factor identification is officially in development for Magic Online accounts.
Read More: New MTG Promotion Found on Hot Pockets?!
MTG Hack Prevention
Since two-factor identification will not be hitting accounts immediately, Daybreak Games has also given some precautions to players to help prevent their accounts from getting raided in the meantime. Even if you aren’t an MTGO player, these are safe practices that you should use with any account you use that could be somewhat valuable to a hacker, including your Magic Arena account. The tips are as follows:
“Until we can deploy two-factor authentication, awareness of how passwords are stolen is a player’s best defense against account theft. Here are some critical mistakes to avoid:
- Password Re-Use: There have been no Magic Online data breaches under Daybreak, but a data breach or bad actors on a website where you have re-used your Magic Online password can lead to bad actors trying the password elsewhere. Never re-use your Magic Online password or one similar to it.
- Password Sharing: Whether given intentionally to friends or unintentionally to phishing and social engineering efforts, sharing your password with any person or entity puts your account at serious risk of theft.
- Password Strength: Accounts with passwords that are guessable, short, or overly simple are at greater risk of theft. Make your password strong!
Password strength and care are the common threads here. Change your MTGO password today to a unique, complex alternative and never give it to anyone or enter it in anything other than our login screen or Help site. Players who do reduce their risk of account theft to near zero.”
As quoted by Daybreak, it seems players who don’t have the best password hygiene are the ones getting their accounts stolen. Daybreak even claims that players who clean up their password habits have a ‘near zero’ chance of account theft.
Did You Have Your Account Hacked?
Seeing as this has been becoming more commonplace if you do happen to be the target of a bad actor, Daybreak Games can work with you. In the unlikely scenario that your account contents are stolen, Daybreak Games has asked you to do as such:
“Should you suspect your account has been compromised, you can log into help.mtgo.com to file a Customer Service ticket. If you are locked out of the account due to a compromise in progress, you should create a brand-new MTGO account and then log into the Help site with those credentials. Contacting us via social media can help, but that generally isn’t quick enough to stop an event in progress.”
If you know someone who had their account hacked, following the link above should hopefully help to recover lost goods. I decided to bold part of the quote because this seems to be the step that many players who fall victim to hacking may not do immediately (since their original account is hacked). With these kinds of attacks, time is of the essence, so contacting support sooner than later should help resolve the situation positively. Hopefully, introducing two-factor identification will help make these MTG hacks more of a rarity.