I think that a good chunk of those vulnerabilities may be way less than what is commonly considered. When most people think vulnerability they usually jump to remote code execution. Those represent the most severe. I would think that things like triggering an authentication prompt (UAC in Windows) when it should not be allowed to is considered a vulnerability (a much more minor one).
Yeah I woke up to an e-mail saying it was changed and had a link in it to reverse it. I did that and changed the password. Annoyingly the ******* changed my username and account security questions so it's still a day or two contacting EA to change that back. At the very least I can login and play my games
I had an ace up my sleeve if it was out of my hands though (retail box of Titanfall) which EA says you can use to identify yourself as the true account owner.
Funnily enough as soon as I got to work, I see another password reset request from the hijacker hit my e-mail. This time though he was greeted with this: Link
[Edited by Neo7, 4/11/2014 7:26:04 PM]
@element5 - Yeah they changed this info: E-mail address change (this triggers an alert sent to the original though which is how I got the account back). Password Username Security Question (need this changed back to change username back)