Update: Jagex has issued an announcement stating that no credit card or banking information was dropped as a consequence of the breach. "Further to yesterday's announcement, we could affirm that none of our players' bank or card details were jeopardized," it said. "We work with an industry-respected, entirely compliant third-party payment processor, to OSRS Gold purposefully avoid staff using gamers' full bank or card details. This also applies when players decide to store their information at payment stage for any future purchases. Jagex undergoes regular, third-party testing to ensure we keep the highest security standards."
A few months before, an Old School Runescape player who goes by mazrim_lol on Reddit maintained a"serious data breach" had caused him to lose 45 billion coins onto his main accounts. His claims were dismissed by a number of different players, several of whom indicated that it had been his own fault for not even getting the account correctly secured, or he may be lying around it completely. But it came to light today he was not lying, and that he was correct regarding the data breach, which was an inside job at Jagex. "We confirm that a Member of The Old School Team has been dismissed from job at Jagex following gross manipulation of moderator privileges," Jagex stated in an announcement posted now. "Throughout our rigorous regular system checks, intermittent action was identified on limited number of reports, including the movement of riches and objects back into the live game"
"After our investigation, we were able to solve the issue before any significant impact was made into the wider match, or market. We also have taken steps to return things and GP to some accounts that are affected. Whilst we do not return items or gold, we believe that given this unusual situation, we wanted to ensure no players lost out into the rogue actions of a member of team "
Jagex added that it's"working with the police" concerning the incident--45 billion coins has considerable real-world worth --but said it could not provide additional details. However, according to this Resetera thread the worker in question is Jed Sanderson, aka Mod Jed, who may really have stolen in excess of 100 billion coins in total, worth over $100,000 on gold-selling markets. He is also reportedly involved with the Reign of Terror clan, which was accused of using DDoS attacks to slow opponents in tournaments, including a $20,000 championship that took place in September of last year. Jagex said at the very time that its investigation had found no evidence of wrongdoing by Sanderson, but in the wake of all this I anticipate it will be taking another look.
In a follow-up article, Mazrim_lol shared an image of a message he received from Jagex Player Support, informing him that, because of those"rare situation" of Old School RuneScape Gold this case, it has made a decision to revive his lost riches. "We take things like this very serious and, as such, we'd like to assure you that we have taken steps to ensure that an incident like this will not occur again," Jagex wrote. Thankfully, Mazrim_lol is taking his vindication graciously:"Each of the redditors who spent telling me I was just lax with security can suck a fat one," he wrote.