Technical Support - HUGE HACK went down!!! who all got jacked. - Forum

at this point i know how they got my email/pw it was from twitter when they got hacked last ~april and everyone's email/pw were stolen i used the same email/pw for twitter and poe so oh well i'm not bummed about the items i lost, i just wish GGG would be more careful. they(by they i mean chris) are being incredibly naive about their security; releasing information about security upgrades publicly BEFORE THEY IMPLEMENT THEM... so foolish. such information being released forces people that have our info to act asap and essentially, GGG is to blame for all of us losing our items. but instead of admitting and apologizing for their mistakes, they accuse us all of being cheaters and attempting to use 3rd party programs with this game... which obviously is not true. it's insane to accuse so many people of being hackers. fuck that. anyway, i know this is hard to read. good. i hope you read over it several times trying to comprehend it. myself along with many others who were compromised have been gaming online for 15 years. in that fifteen years not once has my account been hacked.... NOT ONCE. so this is clearly a security issue with GGG. their database may not have been hacked, but protocols are not in place that literally every other company out there would have and that is cause for concern. it's obvious they put account security at the bottom of their priority list. but whatever. i didn't lose much and i understand this game's still in beta or whatever... but so far GGG has been very transparent and unreliable on every front. Last edited by omnibean on Feb 20, 2013, 3:34:58 PM	Posted by omnibean on Feb 20, 2013, 3:34:46 PM Quote this Post
I unexpectedly got hacked as well. I work as a sysadmin and I've fairly good knowledge of IT security. My own systems are secure. I've spend the evening searching for a clue how this could've happened, looking for hashes of my PoE password in hacked pw hash databases to no avail. I haven't even used the same login/pass combination anywhere else and no service where I've used either has been hacked to my knowledge. tl;dr: I'm pretty damn convinced there is a security issue on GGG's side.	Posted by altaccount on Feb 20, 2013, 3:38:20 PM Quote this Post
" at this point i know how they got my email/pw it was from twitter when they got hacked last ~april and everyone's email/pw were stolen i used the same email/pw for twitter and poe so oh well i'm not bummed about the items i lost, i just wish GGG would be more careful. they(by they i mean chris) are being incredibly naive about their security; releasing information about security upgrades publicly BEFORE THEY IMPLEMENT THEM... so foolish. such information being released forces people that have our info to act asap and essentially, GGG is to blame for all of us losing our items. but instead of admitting and apologizing for their mistakes, they accuse us all of being cheaters and attempting to use 3rd party programs with this game... which obviously is not true. it's insane to accuse so many people of being hackers. fuck that. anyway, i know this is hard to read. good. i hope you read over it several times trying to comprehend it. myself along with many others who were compromised have been gaming online for 15 years. in that fifteen years not once has my account been hacked.... NOT ONCE. so this is clearly a security issue with GGG. their database may not have been hacked, but protocols are not in place that literally every other company out there would have and that is cause for concern. it's obvious they put account security at the bottom of their priority list. but whatever. i didn't lose much and i understand this game's still in beta or whatever... but so far GGG has been very transparent and unreliable on every front. "Uses same email/password for multiple accounts" "Gives security advice to a professional" I agree that they need some work on a few things, though telling people they are upping security isn't going to change anything. Hackers are stealing as much as they can as fast as possible. It's all about short term profit.	Posted by Lask001 on Feb 20, 2013, 3:44:41 PM Quote this Post
Best friend got hacked. Seasoned gamer who's carefula s hell. I refuse to believe he was dumb enough to lose his information or get tagged with a keylogger. Not at the same time as so many other people. I can't even play this game anymore without him.	Posted by Hakusan on Feb 20, 2013, 3:51:49 PM Quote this Post
The worst part is ggg refuses to help those who lost items. at least other company's help people who lose items.	Posted by caspdown on Feb 20, 2013, 3:56:53 PM Quote this Post
" Hakusan wrote: Best friend got hacked. Seasoned gamer who's carefula s hell. I refuse to believe he was dumb enough to lose his information or get tagged with a keylogger. Not at the same time as so many other people. I can't even play this game anymore without him. Seasoned gamer makes you a security expert how?	Posted by Lask001 on Feb 20, 2013, 4:01:23 PM Quote this Post
The strange thing is that there are only like 20 users who claim to be hacked or know somebody who seems to be hacked. Since the number is slim it's most likely related to some infected 3rd party tool. Yet nobody of them provides information what PoErelated sites they visited.	Posted by Hilbert on Feb 20, 2013, 4:21:36 PM Quote this Post
I was one of the ones hacked. Path of Exile things I've used are the wiki, poe.xyz.is, --link removed--, and the offline calculator. I'm sure the email and password I used were duplicated elsewhere on the internet, since anyone that uses a truly unique email/password for each website they are on is either a god, crazy, or a liar. Was I aware of a place it was used and compromised? No, but who knows. I don't really care about losing some silly video game currency. I hope GGG learns from this and implements measures to ensure characters can be rolled back and currency can be returned. It's 2013, 2-factor authentication should be second nature. I know I use it wherever available. While it may be the users fault for using a password that could be compromised from somewhere else, it is also the provider's fault for making it easy to use. Last edited by ionface on May 23, 2013, 3:55:55 AM	Posted by mknzee on Feb 20, 2013, 4:41:55 PM Quote this Post
" Plumb3d wrote: I logged on today and all of my good currency has gone. But gear was left alone. Stop all this "get better security shit". I know how to use a PC Same, i have 2 6 links right next to the currency that went missing. Yet all that was taken was my maps and currency.	Posted by Sylv on Feb 20, 2013, 4:42:09 PM Quote this Post
" Hilbert wrote: The strange thing is that there are only like 20 users who claim to be hacked or know somebody who seems to be hacked. Since the number is slim it's most likely related to some infected 3rd party tool. Yet nobody of them provides information what PoErelated sites they visited. From one of other threads: " Deziowy wrote: " altaccount wrote: " Hilbert wrote: Why aren't you constructive and post PoE related sites or websites you used with the same account? Let me post mine, here are the PoE-related sites: Here's also a list of all services where I've used the same login credentials: wow , thats pretty much copy of my services/poe related sites. Lets find out which one is wrong together xDDD	Posted by altaccount on Feb 20, 2013, 4:42:41 PM Quote this Post