I turned my pc on sunday morning and noticed I had an alert from Origin that said "Your account is already logged in, would you like to log in anyway?" I found that to be a little concerning.. but figured maybe I timed out and had a duplicate login present. I ignored it and then I got prompted again a few hours later. This time I decided to pull up battlelog only to see my avatar different, my clan tag different, and my emblem different (they changed me from 2nd armored to 1st cav), and ALL of my loadouts completely fucked up by some shit ass Ukranian. Now I was concerned. I checked my inbox and saw I had a password change request in there, so they tried to change my password. That didn't work obviously since they have no access to my e-mail. I immediately went to change my password, which I did, and then tried to log in. Much to my surprise, origin stated for verification purposes it sent a code to my cell number at xxxxxxx2732. That isn't my number. I called EA up, they called me back, and confirmed some bastard tried to steal my account. Once they fixed that, I saw the number was +380 634532732. That goes to the Ukraine. And as of right now, a few minutes ago, he's still sending my cell# password change requests. I wish we had someone on the board that could harass this motherfucker. Man that shit pisses me off!

tl;dr - turn on advanced verification in origin before the hackers do it for you.

Apparently what happened in EA's limitless wisdom is they were using a standard vbulletin message board inside of battlelog. Since it's integrated with Origin (brilliant) they were able to crack the relatively easy encryption of vbulletin and get everyone's password to origin (since they are the same). I got hacked hours after I posted on the bulletin board (which I hadn't done in years). So BEWARE.