Subscribe

0

Esports

Path of Exile 2 faces data breach, Grinding Gear Games responds

Grinding Gear Games reveals that a hacked Steam account led to a data breach for Path of Exile 2 using a security vulnerability. Thankfully the hacker was not able to view any passwords.

author-image
Mayank
New Update
path of exile 2

Photograph: (GGG)

A few days ago, Path of Exile 2 experienced a data breach after an admin account was compromised. The breach allowed the hacker to gain access to customer support tools. The hacker was also able to compromise 66 player accounts as revealed by Jonathan Rogers and Mark Roberts, lead devs for the game, during a podcast.

Advertisment

Following that, a new announcement was shared by the Grinding Gear Games (GGG) Community Team going further into the details and apologizing for any inconvenience. The dev team has also tightened the security to prevent something like this from happening again.

This happened after a Steam account created for testing purposes and was linked to the admin account got hacked. This gave the person access to the admin account on the Path of Exile website. As soon as the breach was detected, all admin account passwords were reset.

Also Read:Elon Musk called out by Path of Exile 2 community for using a boosted account

GGG apologies for the lapse in security

The reason why the hacker went undetected for so long is due to a bug in the event log which allowed the person to delete any changes that were made. That was promptly fixed and GGG acknowledged that this was a mistake on their part that shouldn’t have been there.

“We are incredibly sorry for this lapse in security. The measures taken to secure the admin website really should have already been in place and in the future we will be taking even more steps to make sure that this kind of issue never occurs again,” the official statement said.

The devs also revealed that the passwords or password hashes were not viewable through customer service, however, the hacker did get to look at email addresses, Steam IDs, IP/Shipping addresses, and account unlock codes for different regions.

After hearing the news, players appreciated that the dev team came clean with all that happened. However, many of them are once again requesting 2-factor authentication for Path of Exile accounts to further up the security in case something like this happens again.