If you’ve got an account with EA’s Origin download service, or even a general EA account, today would be a good day to change the password and make sure it’s not one shared by any other applications or services you use. An unknown number of Origin users have, over the past couple of days, been receiving emails informing them of changes made to their accounts; changes not authorised by the actual user.
These are genuinely compromised accounts, where someone has got hold of both username and password, entered the account and made changes inside to email addresses, passwords and so on.
At this point, the person has almost total control over your Origin account. Luckily, they probably won’t be able to use it to buy games unless they can guess the three-digit CSS code on your credit card of choice. The credit card details themselves are stored inside the account, but with the majority of the numbers (save the last four digits) obscured.
Further details of individual account takeovers can be read on this NeoGaf thread, including one man’s smart use of alternative accounts to track down his account thief to a .ru email address.
EA’s customer service response thus far appears to have been very poor, choosing to reply to Eurogamer (whose employee Richard Leadbetter was affected) in the most generic terms possible.
Unfortunately, if this has happened to you, there aren’t many outlets available to you besides EA’s customer support network.
“For any customer who cannot access their Origin account for any reason, we ask them to please contact Origin Help or EA’s customer experience group at help.ea.com,” is, currently, the only official response.