ArcheAge players have been flooding the
forums recently with complains that unauthorized purchases have been
made on their accounts, some stating that they received over $150 in
charges. The publishers of ArcheAge, Trion Worlds, have left their
official response suggesting that players are to blame for the
breach, not the servers themselves.

“Let us start by saying this very clearly: Trion Worlds’
security has not been compromised in any way,” the publisher
said. “There has been absolutely no breach in Trion’s servers.”

The problem is a result of poor security management by players.
It’s not rare for automated scripts and bots to mine forums and other
sites for login information before attempting to use this same
information to log into accounts using the same details. So, if you’re
the kind of player that uses the same passwords and emails for
multiple websites, it’s possible that you yourself will become a
victim.
According to an official representative hundreds of millions of
attempts occurred from over a million different IP addresses, in just
a few weeks.

Apparently just a fraction of these attempts were
successful on August 26th.
The developers will provide full refunds for all affected players,
some of which said they were victims despite never actually playing
ArcheAge. Trion Worlds also revealed that they will be deploying a
new security feature on the Glyph platform to avoid these kinds of
breaches in the future.

Source:

GameSpot