MMO community pours one out for hacked player who lost 20,000-hour account renamed to "Same Password Everywhere"

gamesradar.com:

A tragic, cautionary tale has surfaced in the Old School Runescape community, and it's sure to get a wince out of many gamers, especially MMO fans. A rank-one skilling account said to have 20,000 hours logged on it has seemingly been hacked and subsequently renamed to "SamePwEvrywr," or Same Password Everywhere, just to twist the knife.

This started a few days ago when a player named Diddeboy alerted (opens in new tab) support staff at developer Jagex. Their account, Diddeboy1, is a level three pure with maxed non-combat skills including Slayer – an uncommon skill for such accounts to train, and a nearly unprecedented one for them to max. The account was maxed back in 2021 after 8,000 hours of Slayer training alone, as this post (opens in new tab) shows. As of March 12, 2023, it had been "compromised with changed passwords." Diddeboy's plight made it to the OSRS Reddit, but the post (opens in new tab) was deleted by moderators. 

The situation got exponentially worse earlier today when the same hacker appeared to have seized Diddeboy's Twitter account. Now-deleted tweets from Diddeboy's account claimed that their passwords were shared between multiple platforms and lacked two-factor authentication. This can't feasibly be verified, and the whole situation is a mess, but judging from the fact that these tweets were deleted and the account has been inactive since, it's possible Diddeboy has at least regained control of their Twitter. 

Unfortunately, the damage has already been done. As NotTheBeeze flagged (opens in new tab) on Reddit, this account, which still sits at the top of the game's skiller high scores, was recently renamed. Worse still, their high score records indicate that the hacker has leveled the account's