Compromised PoE Accounts: Stolen Items and Hacked Accounts - Discussion and Leads

"

S0S#3157 wrote:

Seems to me that the only connection is the RMT involved in these accounts

What do you mean? Everyone involved did RMT?

"

S0S#3157 wrote:

Seems to me that the only connection is the RMT involved in these accounts

why would i RMT a game i love and spend countless hours over 11 years learning and loving to grind ? xD

Aah yes the consequences of going on Vacation and abandoning your game.

This is even worse than Concord

"

Krz3mien#0868 wrote:

So people are hacked because they cant secure their shit and they complain that GGG doesnt babysit them by securing their internet life or something?

after reading alot of reddit threads i decided to change all my passwords. (mail, poe, steam, google, microsoft)

I dont use any app/overlay for poe2.
I have never rmt'd.
I use steam with steam guard.
I have not visited any wierd/fake poe sites (only official trade, maxroll, mobalytics).
I never accept cookies for pages i visit temporarly, if the page dosnt allow me to "reject all" i dont use it.
I havent had a virus/malware since windows 95
I dont download pirated software/games
I always read where links sends me and enter the url manually instead of clicking.

And oh yea, all my passwords i changed are UNIQUE, no cross password using. About 30 hrs after i changed all passwords i was "hacked".

So please enlighten me how im supposed to "secure my shit"

I was recently hacked in POE2 - never hacked before in POE1.

- Looted character was quite invested - maybe around 300 divines or higher with HOWA, 400pdps bow, ~1170 EVA/460 ES, High Rarity Gear.
- Hackers took another big item (60 divine expert altar robe with around 842 es).

1. I used POE2 overlay to price check characters
2. I have steam guard but logged in with POE2 Client (standalone)
3. I use different passwords for many other games (generally unique) alongside security measures (MFA)
4. No RMT or providing form of password to other third-party sites
5. No malware/virus (over 25 years)

Sent an email to support, at least GGG can figure out what to do next to stop the wave.

I am also here to share that I was one of the stupid few who got their account hacked and reported to GGG about the matter.

Lesson learnt; don't report to GGG about any hacked accounts if you want to continue playing. Else you won't get to play during EA it seems.

"

waitingforunlock#4272 wrote:

"

Krz3mien#0868 wrote:

"

waitingforunlock#4272 wrote:

Can you prove that it's on our end? If yes, show me. If no, you're doing a wild guess. Since GGG did NOT say it's not on their end. If they would just add that information ANYWHERE. We could come back to this claim.

Hahaha, can you prove its on GGG end instead acting like a sore loser blaming others on your failure? You are making a baseless claim without any evidence and now I have now to disprove it (how I can even disprove something that happened to you?), otherwise its automatically true. Wow, you are special.

No, I can't. I gladly repeat myself. GGG does NOT say ANYTHING, regarding this matter, aside from contacting support copy-paste.

I'm making a baseless claim, which GGG can deny, if they want to. They did not. Yet.
So I don't understand what the problem is? Claims can be made and denied. I say, nothing on my side was wrong. It's my claim. I say it might be on GGGs side. It's my claim. Deny it if you want to.

Since a support answered to this in another thread, I take back my claim, that it might be on GGG's side.

Well, that means for me, that I have no idea how this happened. :)

The thread "Question Regarding Account Security Layers":
https://www.pathofexile.com/forum/view-thread/3673854

so, my email has 2FA and logs all IP addresses of logins, therefore i am sure that nobody logged into my emails.
my steam has 2fa and their login history shows all logins and logoffs with location/state and timestamps, so i am pretty sure that nobody logged into my steam.

since poe usually sends out emails when a user logs in from a new location, i assume that login info is also stored?
would it be possible to check if there was a login from a different location - in my case on dec26/27 (and then somehow the email didnt work), or if the system just didnt log a new login (which would maybe point to some token/session stealing or something else)?

"

The thread "Question Regarding Account Security Layers":
https://www.pathofexile.com/forum/view-thread/3673854

My email account shows no logins from any other locations at the time of the hack, meaning no 2FA verification prompts from Steam or Path of Exile (PoE) were triggered or deleted.

However, my Steam account displays 7-8 logins from different locations during the same two-hour period, yet I did not receive any security notifications or location verification messages from either Steam or PoE.

This discrepancy needs to be investigated thoroughly.

"

bestmaster1996#5421 wrote:

Do you think it's strange? From what I've read in various threads, why do I feel like many people are worried about reporting being hacked to support because they're afraid their accounts will be locked?

Yeah, it does feel weird doesn't it? Something different is happening right now though. There are mass hacks going on. I got hit too, and will be locked out soon presumably. GGG NEEDS TO KNOW the severity of the issue. Hiding it doesn't help anyone. Take one for the team.