Account Security / 2 factor Authentication
|
Hi,
My account was hacked / stolen. I use steam to log in so I'm not sure how someone was able to unlink my account from steam and change to contact info to steal it. Beyond that. Customer service has refused to restore my account to me. I've tried to support GGG when playing the game making regular purchases and spent hundreds of hours getting achievements and unlocking hideouts and such. I went through a whole process with support verifying my identity and ownership of the account including providing steam receipts for purchases, IP address, and everything else they asked me to do to verify that this is my account. How can a hacker steal my account easier than I can get it back? You really need improved security. I never received any emails to my original account email address verifying that it was me wanting to change my contact and login info. There is no two factor authentication available. I really think you need better account security measures. I also think you need better customer service with regard to restoring a stolen account. Last bumped on Mar 17, 2022, 2:26:06 AM
This thread has been automatically archived. Replies are disabled.
|
|
|
If you answered all of those question to verify your identity, why did they not restore the account to you?
Also, there is 2-factor authentication by default in one respect. If you log in from a different IP address, you have to reply to an email message sent to you. That's 2-factor authentication. In that scenario, it's not possible for somebody to gain access to your account merely by knowing your password. Unless they're living with you, or use the same IP address as you for some reason, they would also have had to have had access to your email in order to use an additional security code sent to it. And in a chicken-and-egg scenario, they couldn't have logged in to change your contact information without first having had access to the original email account. So, if you never got an email message with a security code and they still got into your account, you have bigger issues than somebody learning your password and you losing control of your POE account. Either your email has been hacked or the responsible person is a roommate, family member, coworker, or another student—depending on your situation. Last edited by Sintactical#0765 on Mar 14, 2022, 10:25:25 PM
|
|
|
I live alone so there's no one here stealing my account.
My email has 2 factor authentication so it wasn't hacked. I moved from a different state after playing this game and never had to verify anything about logging in from a different IP address. I assume buying it through steam and it being linked to steam might have something to do with this. I did have someone hack my steam account briefly, but I was literally kicked while online and got the account back in minutes. I set up 2 factor auth on steam after that. I suppose it's possible they stole the PoE account in that time, but I still never got any kind of email about account changes to PoE. I hadn't played the game since a few weeks into ultimatum league and one of my friends wanted to come back and play this league and hit me up about it. They thought I was already playing again and contacted me on discord asking me why I wasn't responding to them in game. That's when I found out the account had been stolen. I immediately reported the account hack to customer support. They immediately locked the account and went through a lengthy process to verify my identity and ownership of the account. At the end of this process, they informed me that they would not restore the account for me, citing that it had been used to violate their ToS (terms of service). They won't tell me what the violations were; only that they will not give the account back to me. They also won't explain why the account hadn't been locked for ToS violations before I reported it stolen. I would think they have the ability to compare the ToS violations to the changes to the account after it was stolen and see that any violations were committed by the account thief. They did offer to transfer premium stash tabs from the locked account to a new account, (which still hasn't been done), but won't transfer any cosmetic MTs and that doesn't help me with the 1600 plus hours I spent grinding for hideouts, decorating the hideouts, most of which were unlocked, achievements, etc etc. Just the mere fact that they're willing to transfer stash tabs tells me they know it's not my fault. I really don't understand the logic of locking an account for ToS when it hadn't been locked or banned before I reported it stolen and I don't understand the logic behind not making me whole again after my account was stolen. It doesn't cost them anything and they've shown willingness to at least offer a partial fix. Why not be willing to offer a complete fix? I'm not asking them to refund stolen gear or currency, which I had irreplaceable gear from harvest league in standard that I'm sure is gone even if they give the account back. I just things like hideouts and RMTs restored. At the end of the day, they don't have any kind of two factor authentication app. I have plenty of accounts that don't develop their own and use google authenticator. There are options and fixes available. They just don't use them. |
|
|
Account hacking/stealing is very profitable and in an environment where many people treat this game as a literal real-life-job its to be expected when you combine that mentality with "online isnt real" and then give people a system where they have to use third-party tools, websites and communities to be able to compete or even stand a chance of seeing a particular craft/etc.
I'll forgo the obligatory 7 paragraphs about an auction house. Sorry to hear about your account troubles and i hope you get all of your mtx/etc ported over to a secure account, rip your legacy/other items in std. Innocence forgives you Last edited by SilentSymphony#3358 on Mar 15, 2022, 2:51:48 AM
|
|
|
how was someone able to hack your steam account?
and, it's mtx not rmt :) age and treachery will triumph over youth and skill!
| |
" i stared at that for a solid minute wondering.. what? Innocence forgives you
|
|
" How do hackers do anything? One of the things support did during the ID verification process is have me look my info up here. https://haveibeenpwned.com/ |
|
" Like I said, it costs them more money not to fix it for me than the nothing it costs them to fix it. I was also a bit surprised at how much negativity I felt when I started playing on a new account every time I saw someone's cosmetics in game and was reminded I lost mine or every time I see a rare hideout. Knowing that if I get hacked, I could lose any cosmetics I paid for doesn't motivate me to spend any more money than I already have buying more. This is the story people will hear any time I come across someone considering trying PoE. Then anyone who decides not to play passes the word on to their friends and so on. A lot of people out there play games in groups. The flip side of this is I could potentially tell a story about how great GGG support handled the situation to make me whole again after getting hacked and give them positive word of mouth. When you just run the numbers and statistics, you realize that for every customer who's willing to make you aware of a situation and offer you the chance to fix it, there are a lot more who don't speak up and just walk away unhappy and start bad mouthing you to everyone. Customer service improvements are a huge way for companies to find profit they didn't know they had. Last edited by Dominus_Straterae#2878 on Mar 15, 2022, 10:07:42 AM
|
|
|
I doubt this has happened the way you describe it. You're likely misunderstanding the situation and have imposed this scenario on whatever really happened and aren't open to think otherwise. You weren't "hacked". You gave your account away or sold it and regret the transaction. So you make up a fiction that could also be true, but it too far-fetched to believe. It's far more likely that something else has occurred, which is why you're having problems with GGG.
Be honest and you might get your account restored. Continue with your "hacked" story and no one will listen. |
|
" I am being honest. GGG has the ability to to see the behind the scenes info on the account usage. If they think this and this is the reason they're not restoring the account, they should say as much so I can show them my conversation with steam and prove the steam account was hacked. They might even be able to compare the timelines from that hack to the changes to my account. If whoever stole my account claimed I sold it to them, we can have that person show records of the purchase and follow the money to someone that isn't me. How about putting some thought into baseless accusations. You'll look less foolish. You're also in victim blaming territory. Is that who you want to be? Edit: So let's play out this scenario of yours. Let's assume you're right. The account is still locked and whoever would have bought it still got ripped off. There is no potential for anyone to get harmed further by erring on the side of caution and believing I was hacked and didn't sell the account. If you're wrong, they're punishing a victim for getting hacked and they bear at least partial responsibility due to flaws in account security measures that they could fix if they chose to. Now take this back to my original suggestion of better security measures. That would layer security that a hacker would have to get through. They'd have to hack a steam account, an email account, a PoE account, and intercept text messages for the 2 factor authentication in order to steal an account. If this kind of security was in place... First few to no PoE accounts would get hacked anymore unless they weren't using the security measures offered. Second, they would have a much stronger argument for believing that an account was sold and not hacked. Last edited by Dominus_Straterae#2878 on Mar 15, 2022, 11:43:42 AM
|
|
