
Path of Exile 2 Players Hacked via Compromised Admin Account

Silviu STAHIE

January 14, 2025


An unknown party gained control of a Path of Exile 2 admin account and changed the passwords of at least 66 people, leading to the loss of valuable items for the affected players. 

Path of Exile 2 is a role-playing game scheduled to land on all major platforms, including PC, Xbox and PlayStation. It's still in development, but the studio launched an early version to the public in December 2024. 

People lost accounts and items

For the past few weeks, a number of players have complained that their accounts were hacked and that they lost items in the process. The number of people affected is unclear, but Path of Exile 2 game director Jonathan Rogers explained what actually happened, according to a report from 404 Media.

It turns out that an old Steam account was linked to an admin account on Path of Exile 2's website, giving the hacker access to a number of features reserved for support staff, including the option to change passwords. 

"Effectively, what they had access to was the same stuff that customer service had access to," said Rogers in a podcast. 

Matters only got worse

What compounded the problem was a bug that essentially made these changes much more difficult to spot. Typically, a password change is a significant action that should be added to logs that can be audited later. However, the password change was only added to a note, which could be deleted. 

The studio knows of 66 deleted notes, which means the attack compromised at least 66 accounts. But the security issues don't stop here. The entire system was designed only to keep logs for 30 days, so it's possible the hacker compromised many other accounts. 
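To illustrate the logging point above, here is an added example (not code from the studio or from the original report) of a hash-chained, append-only audit log in which deleting or editing a password-change record is detectable. The account names, timestamps and the choice of a SHA-256 chain are assumptions made for the illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # chain anchor for the first entry


def _digest(prev_hash, record):
    # Hash the previous entry's hash together with a canonical form of the record.
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()


class AuditLog:
    """Append-only log: each entry commits to the one before it."""

    def __init__(self):
        self.entries = []  # list of (record, entry_hash)

    def head(self):
        return self.entries[-1][1] if self.entries else GENESIS

    def append(self, actor, action, target, ts):
        record = {"actor": actor, "action": action, "target": target, "ts": ts}
        self.entries.append((record, _digest(self.head(), record)))
        return self.head()


def verify(entries, trusted_head):
    """Return the index of the first entry that breaks the chain, or None if intact.

    trusted_head is the last hash exported to storage the admin panel cannot
    write to; comparing against it catches truncation of the newest entries.
    """
    prev = GENESIS
    for i, (record, entry_hash) in enumerate(entries):
        if _digest(prev, record) != entry_hash:
            return i
        prev = entry_hash
    return None if prev == trusted_head else len(entries)


# Constructed sample: three support-panel actions by a hypothetical staff account.
log = AuditLog()
log.append("support-admin-7", "password_change", "player-1001", "2025-01-02T10:00:00Z")
log.append("support-admin-7", "password_change", "player-1002", "2025-01-02T10:03:00Z")
trusted = log.append("support-admin-7", "note_added", "player-1002", "2025-01-02T10:04:00Z")
```

The chain only helps if the trusted head hash is stored somewhere a support-level account cannot modify, and if retention is long enough for an investigation to reach back to the first malicious action.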

This also means it will be difficult, if not impossible, for the developers to restore the content people lost. The attacker was quick to transfer valuable items to other people. 

Path of Exile 2 doesn't have multi-factor authentication and currently relies on Steam's layer of security. According to Rogers, the studio also plans to add two-factor authentication for players, making these kinds of events much more difficult to pull off.
