Question Regarding Account Security Layers
Hi GGG Team,
I hope this message finds you well. I’m reaching out with a question about account security. Recently, my account was compromised despite using a unique password and avoiding third-party software. I’ve also noticed similar reports from other players across both the standalone and Steam versions. One specific concern that has been raised is whether the security layer involving email prompts for new login locations—or any other account protection measures—has been compromised or is experiencing issues. Could you confirm if all security layers are functioning as intended and reassure us that there haven’t been any known vulnerabilities? This information would help the community better understand the current situation and what steps we can take to protect our accounts. Transparency on these matters would be greatly appreciated. Thank you for your time and attention.
Best regards
Last bumped on Jan 3, 2025, 12:34:43 AM
The security systems we have in place are functioning normally. If you are concerned about the security of your account, I recommend changing your account password to ensure that it is unique and complex, as well as securing your login methods. For example, if your email address is one of the login methods for your account you would want to ensure your email password is unique and complex and might consider using 2-Factor Authentication on your email, as malicious users would need access to your email to make any changes to your account. Likewise, if your account is linked with Steam or Epic Games you'll want to ensure those accounts are secure, as malicious users could use your Steam or Epic Games credentials to access your account as well in that case.
Working normally? Why is my account locked from the 1st day and the unlock code not sent to my email?
If you aren't receiving your unlock code, I recommend double checking your spam and junk mail folders to ensure that the automated email isn't being filtered by mistake. If you still aren't able to receive your code, please contact us at support@grindinggear.com so that we can investigate the issue with you. We aren't able to assist with account-related issues via the forums.
Of course I look in my spam. Every day, every hour! Contact your support? I have done that since the first day of launch. I also sent all the info via screenshot, including my purchase receipt, my POE1 character, and the locked screen info. Just an unlock code... until now I haven't been able to get it. Some of my friends have already played POE2 until a bit burnt out, yet I haven't been able to log in to have a peek yet.
Thank you for the response. I appreciate the advice on securing my account. However, I wanted to clarify and expand on my concerns regarding the login location prompt system. Both myself and other players who experienced account compromises have personally tested the login security features. When logging into Steam from a new location, the system prompted us to verify the login through Steam's security measures. Similarly, when accessing the standalone client using an email login, we received a code sent to our email due to the new location. These tests demonstrate that the security features generally function as intended under normal circumstances. However, during the account compromises, no such prompts were triggered in either case, even though the logins occurred from what should have been flagged as new locations. This inconsistency raises concerns about whether the system is functioning reliably in all scenarios. Could you confirm if the login location prompt system (or any related security layers) has been reviewed recently and is functioning as expected? Additionally, has GGG investigated why these incidents are being reported despite the system appearing to work correctly in controlled tests? Transparency on these points would go a long way in reassuring the community and helping us protect our accounts. If all the security layers, including the login location prompt system, are functioning as intended and there are no known vulnerabilities, then I greatly appreciate your efforts in addressing this matter. I apologize if this message feels repetitive, but I wanted to ensure my concerns are as clear as possible. In that case, there doesn’t seem to be anything further to address from your side, and I’ll continue to follow best practices to ensure my account remains secure. Thank you again for your time and transparency.
Best Regards
As mentioned, the security systems we have in place are functioning normally, as you say you've personally experienced from your own testing. I'm afraid we aren't able to speculate as to how a malicious user would have gained access to a particular account. For instance, if the associated email was compromised, then the malicious user could have received the unlock code, used it to get into the account, and then deleted the email to remove any trace of their tampering. This is why we always recommend that players ensure any credentials connected to their Path of Exile account are kept secure, with unique and complex passwords.
It would also be a good idea to perform a malware scan regularly in case malicious programs like keyloggers have been installed by mistake. I would also recommend being extremely careful about providing your login credentials (for any service you use, including things like Steam) to any website that you do not trust, even if it appears at first glance to be an official page. There have been cases in the past of people being given a "free Steam gift" only to be taken to a Steam login page that looks just like the official Steam login page but in fact was a phishing site, and attempting to log into that site would be handing your credentials to an unknown and malicious user. I hope this has helped. I'm sorry we aren't able to be of more assistance with this but as mentioned we can't really discuss accounts on the forums, for privacy and security reasons, so if you have any problems with your account it would be best to contact us directly at support@grindinggear.com so we can better look into your specific situation.
Thank you for your detailed response and advice. I’ve already contacted support regarding my account, and I’ll continue to follow up with them directly whenever they send a response. Since nothing appears to be wrong on GGG’s side based on your explanation, it seems we’re back to square one in terms of understanding how this happened. Hopefully, things will become clearer with time. I appreciate your time and effort in addressing my concerns.
Hey JC, thank you for responding to this thread. Is there any way for either you or myself to check the login history for my PoE account? I am asking because my account got compromised in the same way and I never received the "new location code" email from GGG. My E-Mail provider has 2FA and logs all IP Addresses that log in, therefore I am very certain that nobody logged into my Emails. Steam has 2FA and also offers an overview with the login history, showing the login and logoff time, location and state. All of that info matches only myself, therefore I am very certain that nobody logged into my Steam account. However, I still got hacked and lost all of my valuables. Since the game usually sends out Emails when there is a login from a new location, I assume that info is stored somewhere on your end. I am just curious if the login from the hacker (in my case between Dec 26 10:31 pm and Dec 27 8:58 am, both GMT+1) was logged. If it was logged, it seems like that email was somehow not sent out; if it wasn't logged, maybe they found another way to get in. Is there any way to check this?
Thanks
Last edited by nfb04#2789 on Dec 31, 2024, 9:07:38 AM
This wouldn't be something we would be able to assist you with via the forums. You'd need to make this inquiry via email to our support team at support@grindinggear.com so we can look into it with you privately.