Soleslayer

Grand Priest
Platform
  1. iOS
Dear Players,

At approximately 2:45 pm PST on Thursday, February 14th, a hacker gained access to our servers.

We need to notify you that it is possible this hacker got the email names that you use to log into Villagers & Heroes. Your game passwords are encrypted, therefore the hacker cannot access your game accounts.

Just to be 100% safe, we recommend that if you use your game password for any other accounts, that you change it.

We can tell you that all of your accounts and characters are completely backed up, and will be restored. We are working to completely secure the servers so this does not happen again. We estimate this process will take 2-4 days. We apologize for this extreme downtime, and will be working tirelessly to restore everything and get the game up and running again.

Additionally, we do not store your name, address, or any payment or credit card info on our servers, so that was not compromised.

We will absolutely be compensating you for missed calendar rewards, and then some. In short, we will make this up to you, we promise.

Thank you again so much for your patience and understanding. You are truly a fantastic community.

Edit: We are trying to keep you informed in daily Twitch broadcasts about any new developments as long as the server is down (plus there's also a lot of interesting stuff we show from our upcoming updates and lots more). If for some reason you can't or don't have the time to watch them, there's a recap of all that's been said here. Thanks Nadiria, for your hard work! :)
This is supposed to be the "official" forum for Villagers and Heroes. Why do we need to register with a separate third party app, and potential hacker target, to get updates?
 

IrishElf

Citizen
Forum Moderator
This is supposed to be the "official" forum for Villagers and Heroes. Why do we need to register with a separate third party app, and potential hacker target, to get updates?
Yes, this is the official forums and yes everyone needed to register to post here. But the forums are separate from the game but under the control of Mad Otter. I hope that helps to answer your questions.
 

Soleslayer

Grand Priest
Platform
  1. iOS
Yes, this is the official forums and yes everyone needed to register to post here. But the forums are separate from the game but under the control of Mad Otter. I hope that helps to answer your questions.
No, not really.
 

Majenta

Villager
Forum Moderator
Platform
  1. PC
You do not HAVE to register with Twitch to get updates. Once specific details are available they are posted here. The Twitch Livestreams are just a chance to keep in touch but the important info from them is also posted here.
 

IrishElf

Citizen
Forum Moderator
This is supposed to be the "official" forum for Villagers and Heroes. Why do we need to register with a separate third party app, and potential hacker target, to get updates?
Are you referring to the forums or twitch (where they are doing the livestreams)?
 

Ivar Hill

Mad Otter Games
Developer
This is supposed to be the "official" forum for Villagers and Heroes. Why do we need to register with a separate third party app, and potential hacker target, to get updates?

You absolutely do not need to register with any third party app! I'd like to make two points here:

1) We do currently make daily livestreams on Twitch, but any actual updates on the state of the game will be posted on the forums. See this thread for the most recent information!
2) If you do choose to watch the livestreams, you do not need to register with Twitch at all to watch livestreams, you can just click the link and view it in your web browser with no signup required.
 

Tenderloin

Jack Of All Trades
Platform
  1. iOS
If you download the twitch app on mobile, it requires you to have an account to login. This is not the case with the web version, you can watch without logging in through the browser.

Also, if you have the app installed the link redirects to the app automatically. If you don’t want to create an account for the app, delete it and the link will go straight to the web.

Finally, Nadiria has been doing an amazing job transcribing the twitch feeds nearly word for word here: https://www.madottergames.com/forums/threads/livestream-notes.527/
So if you want to know what is going on, that is all you really need.
 

Astro

Squirrel
Characters
Astro1, Peanutshell, Mother Astro, Hunter Astro, Shaman Astro, Otterly Astro and Lady Astro
Platform
  1. PC
Dear Otters,

My husband has been really enjoying the home baked cookies and a surprisingly clean house. The dog is rather tired of going for walks and would like a break. So this is my offer, for getting the game back up and running I will send you chocolate chip cookies!

Thank-you
 
Royal Guardian
Platform
  1. Android
  2. PC
You won’t lose anything, since they’re gonna do a roll back 18 hours prior to the shut down.

So everything will be as they were before servers went down, I don’t think any houses will be lost

but the date will still be the current date, rollback or no! you lose your house when you don't log on for two weeks, and that timer is ticking independently of any rollback! anybody that hadn't logged on in a week prior to the hack will lose their house if they take a week to get up and running again and the rollback won't make any difference! if you're in a guild village and don't belong to the guild, you won't be able to get your house back either! if this takes two weeks to fix, every single player is going to come back having been gone two weeks and lose their house! just wondering whether the devs are taking this into account.

I always thought the two week-limit was ridiculous, but now it seems downright dangerous.
 

Mutsie

Reader
Royal Guardian
Characters
Mutsie, Undertow, Susurrus, Jools
Platform
  1. PC
I am fairly sure Otters will take all of that into consideration. But in case they did not, thanks for pointing it out. As shown in the livestream, they made it a point on their check list or to do list, compensation for lost time/items/effort is being thought of. But not until AFTER the game is actually up and running again, which, I am sure, is everyone's main priority.
 

Rin

Citizen
but the date will still be the current date, rollback or no! you lose your house when you don't log on for two weeks, and that timer is ticking independently of any rollback! anybody that hadn't logged on in a week prior to the hack will lose their house if they take a week to get up and running again and the rollback won't make any difference! if you're in a guild village and don't belong to the guild, you won't be able to get your house back either! if this takes two weeks to fix, every single player is going to come back having been gone two weeks and lose their house! just wondering whether the devs are taking this into account.

I always thought the two week-limit was ridiculous, but now it seems downright dangerous.

That makes sense... But I imagined it would be like, in-game, the time stopped from Feb 13 around 8:45pm PST until the game comes back online again. This will also make sense given that any consumables taken just before that backup time will still be in effect when the game servers are up. So if you took an elixir around 8:30pm that should last only an hour, it will still be there when you log back in. Devs explained it like that in the livestream, correct me if I'm wrong please.
Of course, that's just how I imagined it. I hope that would be the case.
 

Caly

BRA Member
Characters
Caly Adaria Chrysis & 2 others
Platform
  1. PC
Thank you Ivar for posting the list showing us what is happening. You and all Otters are awesome!
 

Littlenymph

Squirrel
Characters
Layla Littlenymph
Platform
  1. PC
  2. Steam
It is the internal timer within the game that keeps count of the passage of time. As far as that internal timer is concerned, no time has passed since the game was taken down. When the rollback takes place it will subtract another 18 hours from the last time clocked, regardless of how much time has elapsed in the real world. I don't see how housing rents will be an issue.
 

Nadiria

Adventurer
Royal Guardian
Platform
  1. iOS
@Littlenymph is correct - this particular timer is only "ticking" while the game is live.

The game is currently in a state of "suspended animation" - when it is restored, any timers that were running, including the house timers, will resume right where they left off. So if you had not signed in for 10 days prior to the hack, you will still have 4 days to sign in and "extend" your lease on your house.
 

Talemire

Hunter
Platform
  1. Android
  2. PC
I don't think anybody is going to lose anything. If anything, we are going to gain a ton from compensation.
 

Juergen

Hero
Platform
  1. iOS
  2. Android
  3. PC
I'm not sure why some have had issues connecting to this forum. First, I have been on it every day since it replaced the old forum and there has been zero downtime. Second, one of the reasons for creating a new forum was to get it off the same servers that the game is on. The game and the forum no longer share location, so game outages will have no impact on the forum, and any forum outages [of which there have been none] will not impact the game. Finally, as much as it seems to pain the new generation to hear it, this is the official forum for V&H, which makes it the official source of information. If Mad Otter is a little slower to update one of the multitudes of social media platforms that they are featured on, I'm sure that is something they can take a look at. Meanwhile, if you want the official word on an issue, it's best to touch base with the official source.

Since the new data privacy act came into force users ("may") need to be informed about hacking incidents immediately (§ 34 DSGVO). The only reliable way to do this is here to send an email because this was used to register an account. If you cannot login, have not received an email about a hacking incident and the official Twitter account looks like nothing happened then you do not think that the site was hacked. I was informed about this incident 4 days later by a media article which is disappointing that a third party is required here. It is probably just a matter of time when our data will be found in a leak on the internet.
 

Littlenymph

Squirrel
Characters
Layla Littlenymph
Platform
  1. PC
  2. Steam
Regarding some of my earlier comments, I am not a game developer. In fact, the majority of my computer expertise is centered on playing games that others have developed. Any comments I have posted are opinions based upon my personal understanding of the situation. With that in mind, I am going to leave off commenting on dev issues to the actual devs and stick to areas in which I feel a degree of competence. I have little doubt we will discover what is and is not relevant to the discussion in the coming week... or two...

Since the new data privacy act came into force users ("may") need to be informed about hacking incidents immediately (§ 34 DSGVO). The only reliable way to do this is here to send an email because this was used to register an account. If you cannot login, have not received an email about a hacking incident and the official Twitter account looks like nothing happened then you do not think that the site was hacked. I was informed about this incident 4 days later by a media article which is disappointing that a third party is required here. It is probably just a matter of time when our data will be found in a leak on the internet.

I don't mean to be argumentative. In fact, with your last post, above, I believe you have introduced a point on which we are in agreement. I do not believe users simply "may" need to be immediately informed of any data compromise because there would seem to be a requirement to do so within the DPA. I believe it is the proper and responsible thing to do. There have certainly been past incidents where companies have managed to cover up data breaches to the detriment of their customer base. While I am not a huge fan of the DPA, I will admit that many of its regulations were created with good intent.

Where we perhaps differ a bit is that I am of the opinion that Mad Otter made a good faith effort to notify its customer base. Could they have done a better job of it? I imagine so, but hindsight is not an attribute that can be applied until after the fact. This incident is uncharted territory for our raft of Otters and I am confident that they will do a better job of it should the situation [God forbid] ever repeat itself. The mail notification seems a practical solution to explore, but I'm not competent enough in this area to assess whether or not that is a reasonable expectation. What Mad Otter will do in terms of customer notifications should something of this nature happen again is a valid concern and would make for a good topic of discussion on its own thread. In the meantime, I honestly believe that MO did the best it knew how to do at the time they had the opportunity to do it. That said, there is always room for improvement and I imagine they will be receptive to any ideas that may help in accomplishing that.
 
Status
Not open for further replies.