Path of Exile 2 Confirms Data Breach

Path of Exile 2 Developer Acknowledges Data Breach

Grinding Gear Games, the developer behind Path of Exile 2, has publicly confirmed a data breach that occurred during the week of January 6, 2025. The breach stemmed from a compromised developer account linked to Steam.

Breach Details:

A significant number of player accounts were affected. Compromised data includes email addresses, Steam IDs, IP addresses, shipping addresses, and unlock codes. While passwords and password hashes were not directly accessible, the attacker potentially used compromised email addresses to circumvent region locks. In some cases, transaction and private message histories were also viewed.

The breach originated from a developer's admin account, granting the attacker access to tools used by the customer support team. The attacker also managed to alter passwords on 66 accounts and exploit a bug to delete relevant logs. This bug, since patched, only affected log deletion related to this specific breach.

Grinding Gear Games' Response:

Following the discovery, the compromised account was immediately locked, and all other admin accounts were forced to reset their passwords. A thorough investigation revealed the compromised account was linked to an old, unused Steam account employed for testing purposes. To prevent future incidents, third-party account linking to staff accounts has been disabled, and significantly stricter IP restrictions have been implemented.

Community Reaction:

Player reactions have been varied. While some commend Grinding Gear Games' transparency, others advocate for the implementation of two-factor authentication for enhanced account security. Many also express desires for improved security measures, additional in-game content, and endgame difficulty adjustments.

Key Takeaways:

• A data breach affecting Path of Exile 2 player data has been confirmed.
• Sensitive information, including email addresses and IP addresses, was compromised.
• Grinding Gear Games has taken steps to improve security, including disabling third-party account linking for staff accounts and implementing stricter IP restrictions.
• The community is calling for further security enhancements, such as two-factor authentication.

(Replace https://img.icssh.complaceholder_image.jpg with an appropriate image if one is available)