Compromised PoE Accounts: Stolen Items and Hacked Accounts - Discussion and Leads

Really hope this isnt somehow another server breach, despite the announcement to the contrary, but mounting evidence is suggesting otherwise at this point.

I'm just going to list some arbitrary words here. totally unrelated to anything else being discussed in this thread. yup.

full demi set (2 swords, 2 rings), plus all the alternates
dozens of extra demi belts and rings
alt art saffels frame
alt art alphas howl
alt art queen's decree
various other smaller things, mostly related to the old race rewards
one VERY nice retun proj sword crafted in settlers league

RIP

public profile (not anymore, though)

standalone client

password frequently changed and very long

no emails about suspicious access

"you are logging in from another location" upon logging in today

definitely some backdoor admin access shenanigans

NOONE IS SAFE

remember: the above is just an arbitrary sequence of words. NOT to be interpreted as an official report or complaint requiring any action to be taken.

I'm gonna go farm some maps in ruthless now...

VERY IMPORTANT EDIT: i've just discovered that my steam account has been hacked. i can't log in to it anymore. although i did not ever (EVER) use steam to start or log in to poe, i DO have that steam account associated with this poe account in my "manage account" settings (suspiciously labelled as "Secondary Login"!) . i think i did this 6 or 7 years ago when poe/steam ran some free MTX promotion. but poe is not even listed in my games on steam. i don't understand how someone could use a hacked steam account to access a standalone poe client, but maybe...

"

Fightgarr#3134 wrote:

I'm just going to list some arbitrary words here. totally unrelated to anything else being discussed in this thread. yup.

remember: the above is just an arbitrary sequence of words. NOT to be interpreted as an official report or complaint requiring any action to be taken.

Good idea, you dont want your account locked for weeks or more as an additional punishment.

Multiple streamer victims offered this as advice, and it honestly baffles me why corporate would choose to disincentivize reporting in this manner, especially since in the cases where purchases of EA keys were made and sold, it was also too late by the time account locks were enacted, so Im not sure exactly how they are intended to be helpful with a multiple week (minimum) CS backlog.

I have gotten a reply from a reddit user that he both had 2fa enabled on steam, and never logged in with standalone. This is VERY bad news.

If anyone from GGG is paying attention here, I am happy to put you in touch with him if you wish to investigate his particular case further.

(This is Fightgarr from a few posts above, on an alt account)

OK so first of all, things have escalated, so now im officially saying that YES i got hacked earlier today. My hand has been forced.

So I was just playing on the Fightgarr account some more (about 30 minutes ago now) and suddenly got logged out with the message "someone else has logged in to your account" or thereabouts. the bastards had returned for more! i tried logging back in, had to go through the email security code process, and successfully relogged, but 2 seconds later i was logged back out with the same "someone else has logged in" message.

after sending an urgent email to ggg support asking them to lock down my account (which hopefully they see soon, but it's already 6PM for them), and not knowing what else to do, i repeated the login process several more times, each time getting kicked out in the same way, but eventually GGG locked the account and wouldn't let me try to log in anymore (which hopefully means the hacker is locked out as well but who knows).

each time i was re-kicked from my login, it only took the hacker a few seconds (especially once they realized i wasn't going to give up, i guess... practically instant re-logs by them). so they are DEFINITELY not going through the normal login process. they certainly were not waiting for security emails from ggg to enter access codes like i was!

i also changed my password since earlier today when i first learned of the hack, so if they had my old password it wouldn't have worked for them now.

hope this helps with the investigation, and pray for my remaining items guys...

^To make it clear on the above post prior to edits I have asked him to consider, he has said they logged in multiple times AFTER he changed his password due to the initial hack in communications on my subreddit for collecting evidence.