
Path of Exile 2 Apologizes for Major Data Breach

Author: Connor, Feb 19, 2025

Path of Exile 2 Developer Addresses Major Data Breach

Grinding Gear Games, the developer behind Path of Exile, has issued a public apology following a significant data breach earlier this month. The breach stemmed from a compromised Steam test account with administrative privileges. This compromised account allowed unauthorized access to over 66 player accounts.

Security Lapse and its Consequences

The breach involved a long-standing test account lacking robust security measures like phone number or address verification. This vulnerability allowed a hacker to deceive Steam support, gaining access using minimal information (email, account name, and a VPN to mask location). The attacker exploited this access to reset passwords on numerous PoE 1 and PoE 2 accounts, leveraging internal customer support tools. Furthermore, the hacker deleted password change notifications, concealing their actions from affected users.

Sensitive data accessed included email addresses, Steam IDs, IP addresses, shipping addresses, unlock codes, transaction histories, and private messages. Grinding Gear Games acknowledges the potential for malicious use of this stolen information.

Enhanced Security Measures and Player Response

In response, Grinding Gear Games has implemented enhanced security protocols for administrative accounts, including stricter IP restrictions and a prohibition on linking third-party accounts to staff accounts. The company expressed deep regret for the security lapse and pledged to prevent future incidents.

The community's reaction has been mixed, with some praising the developer's transparency while others advocate for the immediate implementation of two-factor authentication (2FA) to bolster account security. While the addition of 2FA remains pending, players are urged to change their passwords and remain vigilant about their account information.
