Path of Exile 2 admin account used to hijack player accounts

January 15, 2025

The developers of the online game Path of Exile 2 revealed that threat actors compromised one of its admin accounts and used it to take over the accounts of at least 66 players.

The stolen admin account allowed the threat actors to change the passwords of other accounts, resulting in many players losing their in-game purchases.

PoE is a hugely successful single-player and cooperative action role-playing game created by Grinding Gear Games. Despite being in early access, the title has received overwhelmingly good feedback on Steam.

It has built a passionate community of tens of thousands of players, with many more eagerly anticipating its official release.

 

Path of Exile 2 players first reported the hacking on its forums.

 

Path of Exile 2 players reported a surge of account hacks on the game’s forums. Some reports claimed that Steam and stand-alone PoE accounts had been breached without a 2FA code request.

Moreover, players who fell prey to these hacks were quickly logged out of the game and Steam. By the time they regained access with the help of Steam Support, they discovered that the hackers had taken all their in-game purchases, especially valuable items.

Some of the affected players posted on the forum that PoE support had informed them that rollbacks and restoration of stolen items are not possible, meaning that the stolen items cannot be recovered.

The attack occurred through a compromised old Steam account linked to one of the game’s admin accounts. The attackers used partial data, such as the last four digits of the account owner’s credit card number, to convince Steam Support to reset the passwords and hand them control of the account.

This exploit gave the attackers access to the PoE 2 admin account and other gamers’ accounts. The developers have not confirmed this scenario, but a screenshot of a supposed Path of Exile 2 administrator panel has been circulating on Reddit and other platforms.

Grinding Gear Games has not disclosed any intentions to reimburse players for the affected items and compromised accounts.
