My account was Hacked and Grinding Gear Games Banned Me!

I just want to share my situation with others who may go through the same as me.

I used to play the game normally until one day that I saw that all of my in game currencies were gonne!!

I opened a post on the forum to see if anyone else had the same problem!! At first I thought that I was probably due to the launch of the new season that my stuff were gonne, but one day, my new season character (the huntress) just disappeared. Instead of my huntress character I had a new character, a Warrion Level 45 (I was level 14 with the Huntress).
I immediately sent an e-mail to Grinding Gear Games for suport but got no response from them.

I went to my steam account and checked the devices where my account was logged and only my phone and Desktop came through.
I changed my steam password and started playing!!! Suddenly in the middle of my game I was logged out because someone had connected to my account on another place!!!

I sent a new e-mail to Grinding Gear Games and then I went to POE webpage to check my account!!!
On POE webpage I tried to change my password but everytime I requested the link to change the password, I didn't received any e-mail!!

I then went to check my e-mail address on POE webpage and I discovered that the hacker had changed my e-mail address from my POE account and because of that I couldn't receive the password reset link.

I couldn't change my e-mail address because the Webpage was asking for the password (the hacker changed the password) and I couldn't do the reset due to the fact that I couldn't receive the reser link.

For a fez dayS I had to share my POE2 account with the hacker... I played at night and he played in the mornings and afternoons (the hacker is from Asia)

2 DAYS ago, I was playing and then suddenly I got removed from the game and couldn't log in anymore... I discovered the next day that Grinding Gear Games had Banned me for using a 3rd party app to play the Game instead of using the official apps!!!

They sent me a message on my POE account and I replied to them and even forwarded the previous e-mails that I've sent them!!

I've explained the hacking situation and that I wasn't fair to be banned for something that wasn't my fault and that I requested their support to solve the issue.

They simply didn't cared and said that the decision was made and the account was to be permanently banned... They told me that if I wanted to keep playing the game again I would have to create a new account!!!

Now I'm unable to play a game that I PAYED for, because someone hacked my POE webpage account (It wasn't the steam account) and did something that I had preaviously reported to Grinding Gear Games.

I created this new account to try to link to my steam account and I'm unable to link my steam account to this new account because Grinding Gear Games say that I cannot modify login methods of a banned account.

So, now I have to pay for a new Game and I have to create a new Steam User or probably try to use Epic because of course, GRINDING GEAR GAMES doesn't give a Damm about the Players!!

It's easier to charge a new game to players than to solve their problems.

I am sincerely sorry to hear that.

Please don't think I'm trying to get a cheap shot in or kick you when you're down, but if you do decide to start again with a new account, I'd strongly suggest that you download the standalone game client (PoE 1, PoE 2) and avoid linking your Path of Exile account to any external authentication providers, so that there's only a single set of account credentials that can be used to access the account - an email address and password, both of which you know and are under your control.

I am more than a little concerned by the fact that someone (from another continent?) gained access to your original account to begin with. Either you had an imminently guessable password, or else there is malware on your computer.

You don't mention running any security scans since discovering the interloper. To be honest, at this point, if I were you I would 100% be performing a fresh install of Windows / macOS / whatever and starting over. The risk of malware is just far too high, and certain types of malware such as rootkits can be very good at evading detection - even if other components get detected and removed in scans. I really hope you haven't been using that same computer to buy things online...

Thinking about it further, it is moderately likely that the person who had broken into your Path of Exile account has access to any email accounts you had used for it. As you yourself discovered, to change the email address associated with the account or reset its password, the system sends a confirmation link to you via email that you must click on to continue.

It is common for such people to break into the associated email account, click on the links from the automated emails, and then later delete those emails to cover their tracks.

Make sure that after reinstalling your OS you change the password to your email.

Also, if your email provider supports it, please enable 2FA / MFA support. Just yesterday I got a Microsoft Authenticator prompt asking me to permit or block a sign in attempt being made in Germany for one of my @hotmail.com accounts. I am Scottish and live in Ireland, and I've never once even visited Germany. Using a password manager to generate 22+ character passwords for each account is a great first step for account security, but an app on your phone that allows you to immediately shut down any attempt to break into the account really changes the game.

And apps such as Microsoft Authenticator are always completely free to use, too. The service providers want people to use them, as it cuts down on their costs by significantly reducing the number of support staff they need to help with account compromises.

If you're just now considering a password manager, I personally would very strongly recommend Proton Pass. The free plan allows you to use it for an unlimited number of accounts and to generate an unlimited number of secure, randomly generated passwords alongside other features. If you're willing to spend less than the cost of a single beer on it per month, it will also allow you to generate an unlimited number of email aliases for you. These will automatically forward on any emails they receive - but they mean you never re-use your password or your email address for multiple accounts. So in the case of your recent experience with Path of Exile, the person would have had to know both to sign into your Path of Exile account using the address 11134randomexample@passfwd.com but that this is a fake email address and they would actually need to break into your_email_address@example.com. They've no way of knowing that, so it helps a lot.

But like I say - even the free plan would do a lot for you.


(I don't and have never worked for Proton. The above link is not an affiliate link. I'm not trying to specifically promote their service, I'm just trying to provide steps for improving account security. Other password managers e.g. Bitwarden are also good. Please never use LastPass.)

I will immediately reinstall my PC and procede with a security check on my e-mail accounts.

Unfortunately I won't be buying anymore the POE2 game... I have more than 500h in this game and I've spent money buying in game stuff.
I think that GGG should be more empathetic torwards the gamers problems before
taking a decision!!!

If this was a situation where I hadn't reported the issue on time I would understand their decision, but I have even sent them the reporting e-mails so they could check that I wasn't my fault but they didn't care!!

I as the owner of the account, I only used STEAM to connect my POE2 account to and STEAM is a APP aproved by GGG.

"

Andersonnaval#0884 wrote:

Unfortunately I won't be buying anymore the POE2 game...

I can certainly understand how you feel.

I'm not able to help with MTX or points, but I'd be happy to DM you a spare Path of Exile II Early Access key from my supporter pack if you'd be interested?

I'm very frustrated with this situation...

If you can give me the spare key I will humbly accept it and I will be gratefull for your gesture!!! I just don't understand how is it possible for the Team of GGG to not have the same kind of attitude that you are having towards me!!!

I understand that some situations require extreme measures, but at least they could check my reports to see that I'm telling the truth.

I'll tell you something... Even if you didn't offered me the key, just for the fact that you where able to take your time and explain it to me how I could prevent this kind of things from happening, that attitude right there, was enough to make me gratefull for your support.

Best regards.

I have sent you a key via DM. Find it here.

I assume the key is redeemed here, though I’ve not gone through the process myself;
https://www.pathofexile.com/shop/redeem-key

The key is not valid for either console; it can only be used on PC.

What a guy, Sarno. Praise to you for offering him a spare key.

I'm in the same boat as well.

Account was hacked in late December, due to one of their Admin accounts being compromised when the first hack wave came thru, reported to GGG via email; 4+ month process of trying to get it unlocked with absolutely zero progress due to lack of communication.