Account hacked.

I have had a great affliction league and got mirror worthy gear. I stopped playing now for a while. When I logged back in after a few weeks, it said I am logging in from a different location. Then when I went in, my expensive gear is gone. I don't want it back or anything like that. These hacks happened. I changed my password immediately. All I want to know is there a way to see when this hacker logged in as me. And who the user traded with? If that's not possible then its fine. It can be good to maybe flag these accounts. And also, what extra security measures can I use to make sure this does not happen again?

"

Blakrion wrote:

All I want to know is there a way to see when this hacker logged in as me.

They won't divulge who was in receipt of those items, mostly mule accounts before ending up with often innocent people who trade normally.

As for the time, not sure if GGG would tell you BUT it depends on how smart the "hacker" was...they may have left the unlock code email they got in your trash (of could have emptied it)

FYI though, changing your game password is fine and all BUT would be hackers have your email address and password as well and more often than not would have obtained the details through keylogging.

"

And also, what extra security measures can I use to make sure this does not happen again?

Most important, not only for Path of Exile:
Do NOT use the same password on more than one service/forum/game. Never. Just don't do it.
Especially if it is tied your email adress (which then may use the same password as well).

Use a Password Manager (e.g., Keepass) to keep your passwords managed.

While the reports might exist, they will not be shared.

I'd argue its borderline impossible to keep your PW hidden over a long period of time.

There is no MFA in this game.


Here are some tips -
EMAIL:
2FA
Unique password
Make it an email that does not use any similar alias / make it random and not related to poe.
Do not use the email for anything other than Path of Exile.

GGG Account:
use a PW manager and charge your password regularly.

I'm not sure if this protects against stealer logs which is malware that sits on your PC and takes all your login information. It is then aggregated and sold in large groups. If your PC is infected with a log stealer, it doesn't matter if your PWs are the same or not.

Unfortunately, the last security update for our accounts happened back in 2013 when they added the location lock after string of account hackings. Tried and true methods to hack back then still work now. Don't blame yourself being hacked. Hacking tools have been updated to 2024 but PoE is 11 years behind the curve.

Edit : here is the last time security was updated
https://www.pathofexile.com/forum/view-thread/180183

I do not advise you to write to technical support. they will not help you in any way, they will only block your account and then ask random questions about how to unblock your account