[Robadob]

Those shared accounts might be accounts hacked with known/breached passwords.

I previously had my mostly empty UPlay account hijacked by someone with a Kazakhstan IP. As I recall they renamed the account and added new friends and had been playing a game I'd received free, but didn't change the password. Mostly just spurred me to switch everything feasible to 2FA.

[DarkWiiPlayer]

1. Everyone is responsible for their own password. Some sites may have password requirements, which I think is dumb, but ultimately it's still the users responsibility to secure their account against password guessing attacks.

2. (unrelated to article) My gaijin.net (warthunder) account has been hacked ages ago, and since I didn't spend a single euro on it, I never really cared. I just observe where people log in from (I get an email for every weird login), and it's quite interesting.

3. most likely changing the password would have required email access

[Robadob]

1. I was simply trying to clarify what 'shared account' likely actually meant.

3. This I didn't consider.