Grinding Gear Games has acknowledged that Path of Exile 2 suffered a data breach after an admin account belonging to one of their developers was compromised. In response, the developers have outlined plans to enhance the security of their admin accounts to prevent future breaches in both Path of Exile 2 and its predecessor, which share a common login system.
Since its early access launch in December 2024, Path of Exile 2 has enjoyed a robust player base, supported by regular updates and clear communication from Grinding Gear Games. A recent update enhanced the game's performance on the PlayStation 5, addressing issues with monsters, skills, and damage. The next major patch is on the horizon, and the developers have addressed the data breach issue before players dive into the new content.
The official Path of Exile 2 forum was updated with a notice from the developers, confirming the data breach discovery during the week of January 6, 2025. The compromised account had admin access to the website, typically used by the customer support team. Upon discovery, the developers immediately secured the account and enforced password resets for all other admin accounts. Further investigation revealed that the breach occurred through an old Steam account used for testing, which provided the attacker with enough information to hijack the developer's Path of Exile account. Although the Steam account itself contained no personal information, the access to the developer's account allowed manipulation of other accounts via the developer portal.
Path of Exile 2 Developer Grinding Gear Games Confirms Data Breach Involving Compromised Staff Account
The attacker managed to set random passwords on 66 accounts and exploited a bug to delete logs tracking changes. Grinding Gear Games has since fixed this bug, but not before the attacker accessed account information through the developer portal. While passwords and password hashes were not directly accessible, the attacker could potentially use email addresses to bypass region locking on Steam-linked accounts by comparing them against lists of compromised passwords from other sites. The breach also allowed the attacker to view transaction and private message histories with Grinding Gear Games staff. To mitigate future risks, the company has implemented stricter IP restrictions and prohibited linking third-party accounts to staff accounts.
The community's reaction to the breach has been varied. Some players appreciate the transparency from Grinding Gear Games, while others advocate for the addition of two-factor authentication to Path of Exile 2 accounts. There is a clear demand from a significant portion of the player base for enhanced security measures, alongside requests for improvements in in-game content and adjustments to the endgame difficulty in Path of Exile 2.
Announcing the Bazaar Release: Date and Time Unveiled
Feb 02,2025
Andrew Hulshult 2024 Interview: DOOM IDKFA, Blood Swamps, DUSK, Iron Lung, AMID EVIL, Music, Guitars, Cold Brew Coffee, and More
Jan 07,2025
Professor Doctor Jetpack is a Pixel Art Precision Platformer Now Out on Android
Dec 30,2024
A demo of the fan-made sequel Half-Life 2 Episode 3 Interlude has been released
Jan 05,2025
Teamfight Tactics 14.14 Patch Notes: Inkborn Fables Finale
Jan 11,2025
Android Welcomes Virtual Pet Haven: Pet Society Island
Jan 09,2025
Switch 2: Summer 2024 Launch Expected
Dec 11,2024
Sword Master Story Is Celebrating Its 4th Anniversary with Tons of Freebies!
Jan 09,2025
All Camo Challenges in Call of Duty: Black Ops 6 Zombies
Jan 05,2025
Marvel Rivals Unveils Season 1 Release Date
Feb 02,2025
Ben 10 A day with Gwen
Casual / 47.41M
Update: Dec 24,2024
A Simple Life with My Unobtrusive Sister
Casual / 392.30M
Update: Dec 10,2024
The Lewd Knight
Casual / 1210.00M
Update: Jan 02,2025
Kame Paradise
Chumba Lite - Fun Casino Slots
Little Green Hill
I Want to Pursue the Mean Side Character!
Evil Lands: Online Action RPG
Lost Fairyland: Undawn
Hero Clash