Help and Information - Compromised PoE Accounts: Stolen Items and Hacked Accounts - Discussion and Leads - Forum

Already uninstalled poe2. GGG can go fuck themselfs.	Posted by piotrkun#1656 on Jan 1, 2025, 7:48:16 PM Quote this Post
My case • PoE1 • Standalone game client • “You’re trying to login at a different location, it’s required to re-type the saved password” warning message at login screen • access code security protocol didn't trigger • no email notification • no unknown device or location access in email security logs • no secondary login method • no overlay • no price check macro • no PoE related extension I did some research on the security issue while we all are waiting for the support team to investigate and unlock our account. Here are the Findings: Potential User Data Breach on Mar 29, 2017 https://www.pathofexile.com/forum/view-thread/1874476 Go change PoE account password immediately if your account was registered before that date. Database Bug on Nov 28, 2018 https://www.pathofexile.com/forum/view-thread/2253250 GGG did a good job with fast reaction to minimize the damage. Database and account system change for PoE2 on Nov 18, 2024 https://www.pathofexile.com/forum/view-thread/3587079 My account got hacked a week after this change which completely locked me out of PoE2 early access. The hacking situation has been getting worse since then, I highly doubt there's a chance the database and account system change introduced something new that is not intended. The following imaginary scenario is not true and has no evidence support Could it be a similar case to the 2018 Database incident? • account_A login with correct password_A and correct ip_address_A • under some extreme condition, database mistakenly return information of account_B at character selection screen • since account_A already passed the authentication at the login page, no access code security protocol trigger, no security notification trigger • player_A now have full in-game control of account_B In this imaginary scenario, all the existing security protocols are working as intended. /The above imaginary scenario is not true and has no evidence support	Posted by unlockWhen#2461 on Jan 1, 2025, 9:37:16 PM Quote this Post
" boki1337#6716 wrote: I got hacked today too. They stole ~150div in stash and all my gear (even jewels) on the monk. They didn't even bother checking my sales stash where theres propably still around 50-70div worth of gear in it. My second character (Level 92) is untouched. I played today for 5h and didnt have single trade the whole day. Only thing i did "public" was to go in town for some ring gambling at Alva in town Login - My standalone account is locked since release, because I don't have access to the mailadress I created the poe account on years ago. (This mail is not compromised, only deactivated because of inactivity (more than 10 years by now) and i couldnt recover it because i used fake information as a kid back then) I even have a support ticket open to change the mailadress since 3 weeks.. - I play the game via Steam and I use the tradesite etc. with Steam-login. Third party apps I stopped using PoE Overlay from Overwolf 4-5 days ago when i read about the wiped/hacked characters in reddit Most likely they are using trade site to bypass login. I suggest to never use your main credentials on the site for the time being. I play poe1 and also had some sus trades with ppl asking me to whisper. Don't do that or you might be at risk. Last edited by Falcon_x#2576 on Jan 1, 2025, 10:19:10 PM	Posted by Falcon_x#2576 on Jan 1, 2025, 10:18:46 PM Quote this Post
What is going on? I keep reading of peoples accounts being altered and due to this i went in on steam and your website to make sure my passwords were strong and have 2fa enabled. I dont think this is a "hack" but more so a POE2 expliot that can literally ruin the game completely 1) i dont have any overlays running, no overwolf no sidekick no trading apps 2) i didnt do any trading outside of your website 3) i didnt trade with anyone today 1/1/25 I had 3 divines in my currency stash tab, I was running maps today for about an hour and when I went back into my stash, they are gone. Luckily so far nothing else seems to be missing. I am more so concerned that there seems to be a huge issue with POE2 where this is happening very frequently your forums and reddit are filled with similar posts, that worries more than the 3 divines that were taken from my account. I don't want to have to uninstall but I also cant play a game that is openly getting hacked. There are hundreds of posts similar to this that cant be blamed on 3rd party apps, i dont have anything poe related installed on my pc other than steam and poe2. Makes me a bit nervous what vulnerability POE2 currently has? It's not my steam or Poe password the are different and not duplicated anywhere, created 30char from a password manager, 2fa on steam, no emails of access. Clearly this is happening on GGG end and I didn't even feel like farming knowing it's still vulnerable	Posted by Malejas#1960 on Jan 1, 2025, 10:24:21 PM Quote this Post
Another content creator hacked, 900 divines gone. Ashimar is his name. This sessions ID hijacking needs to be fixed ASAP.	Posted by Digradjonez#0085 on Jan 1, 2025, 11:26:22 PM Quote this Post
I have a missing divine orb, wondering if it's related to the topic	Posted by xfinish#7969 on Jan 2, 2025, 12:16:34 AM Quote this Post
" Malejas#1960 wrote: What is going on? I keep reading of peoples accounts being altered and due to this i went in on steam and your website to make sure my passwords were strong and have 2fa enabled. I dont think this is a "hack" but more so a POE2 expliot that can literally ruin the game completely 1) i dont have any overlays running, no overwolf no sidekick no trading apps 2) i didnt do any trading outside of your website 3) i didnt trade with anyone today 1/1/25 I had 3 divines in my currency stash tab, I was running maps today for about an hour and when I went back into my stash, they are gone. Luckily so far nothing else seems to be missing. I am more so concerned that there seems to be a huge issue with POE2 where this is happening very frequently your forums and reddit are filled with similar posts, that worries more than the 3 divines that were taken from my account. I don't want to have to uninstall but I also cant play a game that is openly getting hacked. There are hundreds of posts similar to this that cant be blamed on 3rd party apps, i dont have anything poe related installed on my pc other than steam and poe2. Makes me a bit nervous what vulnerability POE2 currently has? It's not my steam or Poe password the are different and not duplicated anywhere, created 30char from a password manager, 2fa on steam, no emails of access. Clearly this is happening on GGG end and I didn't even feel like farming knowing it's still vulnerable yes, I have a missing divine too, something is going on.	Posted by xfinish#7969 on Jan 2, 2025, 12:18:15 AM Quote this Post
" unlockWhen#2461 wrote: Here are the Findings: Potential User Data Breach on Mar 29, 2017 https://www.pathofexile.com/forum/view-thread/1874476 Go change PoE account password immediately if your account was registered before that date. Database Bug on Nov 28, 2018 https://www.pathofexile.com/forum/view-thread/2253250 GGG did a good job with fast reaction to minimize the damage. Database and account system change for PoE2 on Nov 18, 2024 https://www.pathofexile.com/forum/view-thread/3587079 My account got hacked a week after this change which completely locked me out of PoE2 early access. The hacking situation has been getting worse since then, I highly doubt there's a chance the database and account system change introduced something new that is not intended. The following imaginary scenario is not true and has no evidence support Could it be a similar case to the 2018 Database incident? • account_A login with correct password_A and correct ip_address_A • under some extreme condition, database mistakenly return information of account_B at character selection screen • since account_A already passed the authentication at the login page, no access code security protocol trigger, no security notification trigger • player_A now have full in-game control of account_B In this imaginary scenario, all the existing security protocols are working as intended. /The above imaginary scenario is not true and has no evidence support this is great info, in the Nov 28 one they did try to restore items which does give hope to many of us about this issue, and i do like your idea about what could be going on but we need to test it out. will be adding your info to the post tomorrow. Last edited by Crainus#7059 on Jan 2, 2025, 12:44:57 AM	Posted by Crainus#7059 on Jan 2, 2025, 12:27:49 AM Quote this Post
I mean they have to give us something for us who lost basically a month of gameplay, I didnt get hacked for much and they got none of my gear, I made it all back in the 2 days I was playing before they locked my account, they have done 10x more damage then the hackers and they let the hackers roam free.	Posted by karnaij#7052 on Jan 2, 2025, 12:56:28 AM Quote this Post
Previously compromised accounts are getting broken into from a new popular game release that malicious people can make money from. Nothing new here; been happening for years and years and only gets more profitable (aka bigger) as time goes on due to more and more people using computers and playing games. Not a single person who's security conscious will have an issue, unless they misstep. It's not GGG's systems, or else everyone would be getting compromised. TLDR: Secure your internet presence, people. I don't mean to sound rude, but I can't help the way people interpret my words.	Posted by DAOWAce#0876 on Jan 2, 2025, 1:23:29 AM Quote this Post