Former GM removed from community
Results of investigation and staff vote

As you know, there are different levels of GMs, and at the different levels you get access to different amounts of information. We restrict as much as we can at the lower levels but the truth is that the GMs need information to be able to execute on plots.

Tonight it came to our attention, via a player, that a GM had logged into the game, checked the stats on some players, and then given that information to a former player during the course of a conversation about Sindome. They didn't share exact numbers (they didn't have access to those) and they didn't share (as far as we know) an exact print out of the @stats for these players, but they shared general info.

We tracked down specifically who it was--Navi--a Support GM and former Fulltime GM who had not logged in (as a player or a GM) for many months and then suddenly logged in and decided to return to the game.

We have a policy that when a former GM wants to return after being away for a month or more it requires a vote, and in the meantime we make that GM an $alumni to restrict their access. If the vote doesn't pass they can maintain their alumni status as a nod to the hard work they put in in the past and to perhaps help guide new admin on past plots or answer any questions they might have, while not giving the alumni day to day access to the GM side stuff.

When Navi first logged in after all those months, they checked if Johnny or Cerb was around, and finding they weren't, they checked the stats of several players they had no reason or justification for checking on. The log of the chat that we were provided shows they engaged in a conversation where they revealed some of this information (in broad strokes like JoeBaka is masterful at long_blade and Jeff would crush John in a fight), and bragged that they had checked this info on their admin bit. The next morning when we saw that Navi had logged in, we changed her to an $alumni until a vote could be taken, but it appears the damage was done the night before.

The person they revealed the info to is a former Sindome player, and not an admin. The information was spread around and made its way back to at least one of the players who's stat information was revealed. They brought it to our attention and within an hour we had more than enough proof of the info leak.

After our investigation, a conversation with Navi, and a vote of the staff, we have removed her from the community entirely and permanently for a gross violation of our rules, our trust, and for damaging the integrity of the game.

We know exactly who's stats she checked out and we are notifying those players and offering them partial respecs where applicable to try to offset any damage that might have been caused by their stats being shared.

We take these situations extremely seriously and we are... well, disheartened. I don't know a better word for it. We're all people on the internet and we don't all know each other in real life, even on the admin side. There is an amount of trust that we place in the people we bring onto our staff and we believe that even when we aren't always getting along, we always have the best interest of the game at heart. That someone who was a GM for as long as Navi was would so casually violate the most sacred of our rules... I don't even know what to say. I want to apologize to everyone, but it seems hollow. I don't know that we can stop people from being jerks, we can only hope they won't be and sometimes we're going to be disappointed. I'm sorry that this happened, and I want to thank the player(s) that helped us figure out what had happened, and for initially bringing it to our attention.

This is another example of why even casual OOC conversations with other players, even former players, even GMs, or former GMs, should be avoided if at all possible and if not possible, the conversation should be about anything but Sindome. I don't know that Navi intentionally shared this info to be malicious, but her intention doesn't really matter. Our rules are our rules, and they apply to everyone, especially admin.

-- S

I am not trying to gloss over any damage that was done here. But this is a text book example of, "It could have been worse." Navi could still have access. Stats could still be being accessed /right now/.

It is comforting and reassuring to know that there are mechanisms in place to detect this kind of abuse.

From a risk and compliance point of view, the only real 'gap' I see here is that the investigation was only launched when it was brought to staff's attention by one of the affected players.

I am not sure what the back end systems for the MOO and the server that it runs on are like. Out in the real world, we would create a weekly or monthly report of "high risk" actions. For example, you might log every instance of GMs running an @stats on a player. That log would then be grouped by GM name.

In a situation like the one that happened here where a GM who had been inactive for months suddenly popped back up, the exception would be obvious.

The challenge with reports is that someone has to review them. And the person who is reviewing them has to have a wide enough view of what is going on to be able to make sense of them. If someone handed me a report of GMs @stating players, I would not have the slightest clue whether or not it was appropriate, related to plots, or whatever.

Just some food for thought.

We also have commands to automatically transfer ownership of anything they own to another admin.

This should go a long way toward keeping those with access a very tight loop.

Thanks for the feedback and suggestions on this everyone!

-- S