
Path of Exile developer Grinding Gear Games has apologised for a data breach that began with the takeover of a Steam account linked to an administrator-level test account. This article summarises what happened, what data was exposed, and the steps the studio says it has taken to prevent a recurrence.
66 Accounts Compromised
Enhanced Security Measures Promised

Grinding Gear Games addressed the breach in a post on the official Path of Exile (PoE) forums titled "Data Breach Notification." According to the statement, an attacker gained control of a Steam account that was linked to a PoE account with administrative access. Through that account the attacker used the same internal tools that customer support agents use to reset the passwords on 66 PoE 1 and PoE 2 accounts. The admin account had been created for testing and had no linked purchases, phone number, or address on file, so there was little for a support process to verify ownership against. That made it an easy social-engineering target: the attacker impersonated the account owner with only minimal details (the email address and account name) and used a VPN to disguise their location.

The attacker also deleted the password-change notifications, so the affected players received no warning that their accounts had been taken over. The support tooling exposed sensitive data for those accounts: email addresses, Steam IDs, IP addresses, shipping addresses, unlock codes, transaction histories, and private messages. That exposure is a risk beyond PoE itself, since the same details can be used to phish or impersonate the affected players on other services.
Grinding Gear Games stated, "We have taken steps to significantly enhance the security surrounding admin accounts to prevent recurrence. Third-party account linking to staff accounts is prohibited, and we've implemented far stricter IP restrictions. We deeply regret this security lapse. The necessary measures to secure the admin website should have been in place, and we're committed to implementing even more robust security protocols to prevent similar issues in the future."
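The incident as described has three signals a monitoring pipeline for an internal admin site could catch: staff-tool logins from an IP outside the permitted range, an unusual burst of password resets by one operator, and a reset followed by deletion of the notification for the same target. The following Python is an added example written for this article, not Grinding Gear Games' code; the audit-log field names, the IP allowlist (an RFC 5737 documentation range) and the sample events are all constructed for illustration.

```python
"""Detection rules over a constructed admin-tool audit log (added example)."""
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Assumed allowlist for the admin site; 203.0.113.0/24 is a documentation range.
ADMIN_IP_ALLOWLIST = [ip_network("203.0.113.0/24")]


def _ts(s):
    return datetime.fromisoformat(s)


# Constructed sample audit events. Field names ("ts", "actor", "ip", "action",
# "target") are assumptions for this example, not a real log schema.
SAMPLE_EVENTS = [
    {"ts": "2025-01-10T09:00:00", "actor": "support-agent-1", "ip": "203.0.113.10",
     "action": "password_reset", "target": "player_a"},
    {"ts": "2025-01-10T22:01:00", "actor": "test-admin", "ip": "198.51.100.7",
     "action": "password_reset", "target": "player_b"},
    {"ts": "2025-01-10T22:01:30", "actor": "test-admin", "ip": "198.51.100.7",
     "action": "notification_delete", "target": "player_b"},
    {"ts": "2025-01-10T22:03:00", "actor": "test-admin", "ip": "198.51.100.7",
     "action": "password_reset", "target": "player_c"},
    {"ts": "2025-01-10T22:03:20", "actor": "test-admin", "ip": "198.51.100.7",
     "action": "notification_delete", "target": "player_c"},
    {"ts": "2025-01-10T22:05:00", "actor": "test-admin", "ip": "198.51.100.7",
     "action": "password_reset", "target": "player_d"},
    {"ts": "2025-01-10T22:06:00", "actor": "test-admin", "ip": "198.51.100.7",
     "action": "password_reset", "target": "player_e"},
    {"ts": "2025-01-10T22:06:15", "actor": "test-admin", "ip": "198.51.100.7",
     "action": "notification_delete", "target": "player_e"},
]


def offsite_admin_actions(events, allowlist=ADMIN_IP_ALLOWLIST):
    """Rule 1: any admin-tool action whose source IP is outside the allowlist."""
    return [e for e in events
            if not any(ip_address(e["ip"]) in net for net in allowlist)]


def reset_bursts(events, threshold=3, window=timedelta(minutes=15)):
    """Rule 2: actors who perform at least `threshold` password resets inside
    one sliding `window`. Returns {actor: max resets seen in any window}."""
    by_actor = defaultdict(list)
    for e in events:
        if e["action"] == "password_reset":
            by_actor[e["actor"]].append(_ts(e["ts"]))
    flagged = {}
    for actor, times in by_actor.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                flagged[actor] = max(flagged.get(actor, 0), count)
    return flagged


def suppressed_notifications(events, grace=timedelta(minutes=30)):
    """Rule 3: a password reset whose notification for the same target is
    deleted within `grace` afterwards. Returns the affected target accounts."""
    resets = defaultdict(list)
    for e in events:
        if e["action"] == "password_reset":
            resets[e["target"]].append(_ts(e["ts"]))
    hits = set()
    for e in events:
        if e["action"] != "notification_delete":
            continue
        t = _ts(e["ts"])
        if any(timedelta(0) <= t - r <= grace for r in resets[e["target"]]):
            hits.add(e["target"])
    return sorted(hits)


if __name__ == "__main__":
    print("offsite actions:", len(offsite_admin_actions(SAMPLE_EVENTS)))
    print("reset bursts:", reset_bursts(SAMPLE_EVENTS))
    print("suppressed notifications:", suppressed_notifications(SAMPLE_EVENTS))
```

Rule 1 is the preventive control the studio describes (IP restrictions) expressed as a detection, so it still fires if the restriction is misconfigured or bypassed. Rule 3 is the one most specific to this incident: deleting a notification is a legitimate support action on its own, but paired with a reset on the same account minutes earlier it is a strong indicator that someone is hiding an account takeover from its owner.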

Community response to the announcement has been mixed: some players praised the developer's transparency, while others pressed for two-factor authentication (2FA) on player accounts. No timeline for 2FA has been given. In the meantime, players are advised to change their passwords, use a unique password for PoE, and watch for unexpected activity on the account and on any other service that shares the same email address.