Potential User Data Breach
" As far as I am aware, they are only required to notify you when "personal information was, or is reasonably believed to have been, acquired by an unauthorized person". Chris said that there is currently no evidence of this. So AFAIK, they didn't legally have to inform us yet, they are just being a responsible company. (please someone correct me if I'm wrong) Last edited by Aziraphale on Mar 28, 2017, 5:26:18 PM
|
|
" It's possible they did some investigation to further understand the breach and what was affected, and to make sure there were no more signs of the intruder within the system. If they let us know immediately while the intruder still had access, the intruder might be able to hide their tracks better. | |
" Shouldn't there still be some form of user id and authentification send between steam and POE for steam users? I would imagine that even with this information not much could be done, considering steam sends a message when you try to log in from a new location (though there would not be any login in steam). trying to do anything (like making a payment) would not be expected to work since steam does not know that you are logged into a game | |
|
It's unfortunate this happened, but GGG seems to have handled it very well.
| |
|
Maybe it was just a hobo squatting internet. But wow, 10 days? That's a little long to notice there is a illegal user on the network. Though I guess since it's a gaming company who's not use to high security they were lax on network access.
| |
|
well it was time for a passwort change anyways for me, i try it to change every 3-6month or so so why not ^^
hope nothing was stolen too 30 Shores with Double Pack / Breach / Max Sextants https://www.pathofexile.com/forum/view-thread/2006424/page/1
First Selfmade Build as Sparker ( MF ) https://www.pathofexile.com/forum/view-thread/1637690 1 Million Tool Tip Dps Sparker https://www.pathofexile.com/forum/view-thread/1761162 |
|
|
Thank you for letting us know, Chris.
While my password is complex. should it be bruteforced or hacked into... obviously by validated IP login conflicts etc, does GGG have any plans to restore accounts evidently hacked? I got a fever and the only prescription, is more cowbell!
|
|
|
I have posted this in the feedback forum before, but will post this again here:
Could we please get a 2nd password for our accounts, which is needed to access our items(stash/inventory/equipped gear)? This is how I envision it to work: After logging in like we do now, for the first time when you try to pick up an item in your inventory, equipped items or stash you will be prompted for this password. This password could be a simple 4 or 5 digit code. This password would only have to be used once per log-in, and auto log-offs the account when you attempt three failed uses in a row. Meaning that even if somehow your account would be brute-forced, your items would still be safe. The advantage is that your items are always safe, even if your account does get hacked. The disadvantage would be people forgetting their 2nd password and mailing GGG for this. I've actually used this type of system in another mmo I used to play, and it worked great. Would this 2nd password be something GGG could take a look at? |
|
|
It's not fair that GGG gets Breach while standard players don't.
Never underestimate what the mod community can do for PoE if you sell an offline client.
| |
" How could GGG a separate entity store steam's passwords? Like, do you think before posting? Nice try at trying to make this into a bigger deal than it already is. "Good thing they nerfed the carto, it wasn't fun to find one in every map." - Haborym Last edited by monkuar on Mar 28, 2017, 5:53:45 PM
|
