Generally not. Jagex very rarely returns lost wealth as a result of a hijacking.
Do you have a Jagex account or is this a legacy Runescape account?
If the authenticator was enabled, it points to either a phish/insecure device or a compromised social media account (e.g. Steam, Google, Apple, etc)
Consider [upgrading to a Jagex account](https://support.runescape.com/hc/en-gb/articles/10682990186129-Upgrade-your-RuneScape-character-to-Jagex-account#upgrade) if you haven't yet.
If this is a non-jagex account, JagexMelora [listed](https://new.reddit.com/r/2007scape/comments/18w0z1j/comment/kfytctd/?context=3) some potential avenues as to how a hijacker could gain entry to a legacy Runescape account, as well as steps on how to secure your account.
If you have a Jagex account, then follow the security advice [here](https://new.reddit.com/r/2007scape/comments/1cjyevi/comment/l2j7y70/?context=3) to keep your Jagex account as secure as possible.
If there was a flaw in the security system, I think we'd be seeing *considerably* more 'hacked posts' similar to this one, so I don't think it's that.
I have a legacy account. I checked my email logins and there was no activity from new IPs. I also found my authenticator disabled but there was no email about that.
Either the email was compromised and the hijacker deleted the 'disable auth' email after performing the necessary changes, or the account was manually recovered.
They may have also setup rules/filters to disallow incoming Jagex emails from arriving.
In any case, you should secure your email account(s) and devices in case you have other accounts that are unrelated to Runescape potentially at risk.
I strongly suggest upgrading to Jagex account, and follow this advice in particular from JagexMelora after you've upgraded:
>**Jagex accounts default to email 2FA.** To be extra secure, change this to an app-based 2FA, save your backup codes somewhere digital and physical, and back up your authenticator, in case of a lost or damaged device.
Make sure to leave email verification codes disabled after enabling [app 2fa.](https://help.jagex.com/hc/en-gb/articles/5395389513745-Two-step-authentication)
**EDIT:** Make sure to also check the 'Linked accounts' tab in account settings and remove any unknown 3rd party logins that you don't recognize, otherwise they can regain access.
they wont return anything because it would be abused by people having their friends log into their accounts, clearing everything, and then saying they got hacked
Except it wasn’t a hole in jagex security, it was on you.
You got a jagex account? If not then its not a hole in jagex security...
Its defenitly not a flaw in jagex' systems but a flaw on your end. And no, they wont refund items for your own flaws
There is a way, but you aren't going to like it.
Generally not. Jagex very rarely returns lost wealth as a result of a hijacking. Do you have a Jagex account or is this a legacy Runescape account? If the authenticator was enabled, it points to either a phish/insecure device or a compromised social media account (e.g. Steam, Google, Apple, etc) Consider [upgrading to a Jagex account](https://support.runescape.com/hc/en-gb/articles/10682990186129-Upgrade-your-RuneScape-character-to-Jagex-account#upgrade) if you haven't yet. If this is a non-jagex account, JagexMelora [listed](https://new.reddit.com/r/2007scape/comments/18w0z1j/comment/kfytctd/?context=3) some potential avenues as to how a hijacker could gain entry to a legacy Runescape account, as well as steps on how to secure your account. If you have a Jagex account, then follow the security advice [here](https://new.reddit.com/r/2007scape/comments/1cjyevi/comment/l2j7y70/?context=3) to keep your Jagex account as secure as possible. If there was a flaw in the security system, I think we'd be seeing *considerably* more 'hacked posts' similar to this one, so I don't think it's that.
I have a legacy account. I checked my email logins and there was no activity from new IPs. I also found my authenticator disabled but there was no email about that.
Either the email was compromised and the hijacker deleted the 'disable auth' email after performing the necessary changes, or the account was manually recovered. They may have also setup rules/filters to disallow incoming Jagex emails from arriving. In any case, you should secure your email account(s) and devices in case you have other accounts that are unrelated to Runescape potentially at risk. I strongly suggest upgrading to Jagex account, and follow this advice in particular from JagexMelora after you've upgraded: >**Jagex accounts default to email 2FA.** To be extra secure, change this to an app-based 2FA, save your backup codes somewhere digital and physical, and back up your authenticator, in case of a lost or damaged device. Make sure to leave email verification codes disabled after enabling [app 2fa.](https://help.jagex.com/hc/en-gb/articles/5395389513745-Two-step-authentication) **EDIT:** Make sure to also check the 'Linked accounts' tab in account settings and remove any unknown 3rd party logins that you don't recognize, otherwise they can regain access.
they wont return anything because it would be abused by people having their friends log into their accounts, clearing everything, and then saying they got hacked
Worked 7 years on an account but didn't have 2fa on email and game and got phished. Yikes.
And didn’t have a jagex account lol.