In the past few days we noticed an unusual amount of suspicious login attempts to several accounts, some of which are related to some reported hacking/theft cases.
We ran an investigation on our server's security and found out that the hacking attempts weren't caused by a flaw in our system, but they were all based on a list of more than 700 millions of email addresses and passwords leaked by other servers/websites (not necessarily RO related) that had been compromised.
If you use a different, randomly generated, password for each website then you're good! You're safe and won't need to do anything else.
If you use the same password on more than one website, you should check if your online accounts have been compromised in a data breach at https://haveibeenpwned.com/ , if your password manager doesn't include this feature.
If your email address is linked to a data breach, and you use the same password on Origins, you should change your password immediately.
We're forcing a password reset for every Master Account, to ensure the privacy and protection of players who are currently inactive and won't see this message. If the next time you try to log in, you see an error that says your password is incorrect, please head to https://bbs.originsro.org/ucp.php?mode=sendpassword in order to create a new password. Please note that this doesn't mean that your account has been hacked (but if anything is missing, please do not hesitate to contact us, and we'll help you find your missing items).