Path of Exile 2 Apologizes for Major Data Breach

Author: Ellie, Mar 21, 2025

Path of Exile developer, Grinding Gear Games, issued a sincere apology for a significant data breach stemming from a compromised test Steam account with administrator privileges. This article details the events and the steps taken to prevent future occurrences.

Over 66 Accounts Compromised

Enhanced Security Measures Promised

Grinding Gear Games' official PoE forum post, "Data Breach Notification," revealed that a hacker compromised a Steam account with administrative access to Path of Exile. This allowed the attacker to reset passwords on 66 accounts across PoE 1 and PoE 2, exploiting the company's internal customer support tools. The compromised admin account, created long ago for testing and lacking linked purchases, phone numbers, or addresses, proved vulnerable. The attacker successfully deceived Steam support using minimal information—email address, account name, and a VPN to mask their location.

Further, the hacker deleted password change notifications, concealing their actions from affected users. The attacker gained access to sensitive data, including email addresses, Steam IDs, IP addresses, shipping addresses, unlock codes, transaction histories, and private messages. This information poses a significant risk of misuse, potentially impacting users' other online accounts.

Grinding Gear Games stated, "We have implemented enhanced security measures for admin accounts to prevent recurrence. Third-party account linking to staff accounts is prohibited, and significantly stricter IP restrictions are now in place. We deeply regret this security lapse. The necessary admin website security measures should have been implemented earlier, and we are committed to further strengthening our security protocols to prevent future incidents."

Community responses on the forum thread ranged from appreciation for the developer's transparency to calls for two-factor authentication (2FA) implementation. While the addition of 2FA remains pending, players are advised to change their passwords and remain vigilant about their account security.