what a shame.
Under KRIS this didn't happen.
And now that you have new owners and all the resources of the world, you let the Thief into your garden so easily.
But don't worry, relax, it's Christmas holidays right? Peace and love to all. (and dupes)
Сообщениеmbitsu#061614 янв. 2025 г., 20:47:46
So is GGG doing nothing for the people that were affected by this?
Do you want a mystiс box?
Сообщениеmbitsu#061614 янв. 2025 г., 20:48:50
I'm not affected but how are you planning on compensating the affected accounts after all this was your error.
СообщениеXirav79#628514 янв. 2025 г., 20:48:52
Will people who have had their accounts lost or items stolen receive support in getting those back?
How is this a response?
What happens to the items they stole? This is on GGG.
You said they looked at a significant amount of accounts information.
How are we supposed to protect our accounts now that someone could possibly have all the information needed to recover the account through support.
For those accounts they got access to the following private information:
Email Address if the account had one associated
Steam ID if the account had one associated
IP Addresses that the account had used
Shipping address if the account had previously had physical goods sent
Past purchases
This is all the information needed for someone to recover an account through Support. What is anyone supposed to do if they were one of the people?
It was a support-admin account the attacker hijacked. The GGG support does not have your passwords. What the attacker could do is compare mails with known compromised account databases that use the same password everywhere.
GGG cannot fix people too lazy to use unique passwords.
Guys, please ...
Why are you telling nonsense to try to save GGG face from something they don't need to be saved? They said their own tools were used to reset passwords so they have nothing to hide.
The blame is on GGG and they don't need to hide it, so stop being a unempathetic person getting delight and pride from other's disgrace.
СообщениеVanchelot#136814 янв. 2025 г., 20:57:04
I'm not affected but how are you planning on compensating the affected accounts after all this was your error.
you can't know if you were affected, hackers got all sorts of private information which GGG uses for e-mail change procedure for an unknown amount of accounts. Even if you change password, you still wouldn't know if you are safe or not. Because they didn't tell if they are going to inform people of their data being leaked.
Please 2FA for everyone
СообщениеBLASSTABOI#517914 янв. 2025 г., 21:04:21
what a shame.
Under KRIS this didn't happen.
And now that you have new owners and all the resources of the world, you let the Thief into your garden so easily.
But don't worry, relax, it's Christmas holidays right? Peace and love to all. (and dupes)
Uh huh
СообщениеErionn#630614 янв. 2025 г., 21:05:17
Could someone clarify what this means?
It is probable that the attacker would be able to compare email addresses found using our portal against publicly available lists of compromised passwords from other websites in order to find accounts that shared the same password with their PoE account. If that was the case, they would have been able to bypass the region locking using the unlock code.
If the attackers already viewed unlock codes for some accounts then why do they need to find compromised passwords for other websites? How do other website accounts aid in bypassing a region lock?
Сообщениеbilboreily#399814 янв. 2025 г., 21:07:23
Could someone clarify what this means?
It is probable that the attacker would be able to compare email addresses found using our portal against publicly available lists of compromised passwords from other websites in order to find accounts that shared the same password with their PoE account. If that was the case, they would have been able to bypass the region locking using the unlock code.
If the attackers already viewed unlock codes for some accounts then why do they need to find compromised passwords for other websites? How do other website accounts aid in bypassing a region lock?
??? The unlock code is only useful if they can already login to the account, it's bypassing the games built in 2FA when trying to log in from another IP(which doesn't always work). They are saying here that they could compare a list of emails to breaches from elsewhere on the internet and try to use those passwords, since people love using the same passwords.
СообщениеErionn#630614 янв. 2025 г., 21:09:07
Why is so hard to enable 2FA for all of us?
I`m feeling less safer with this announcement.
Сообщениеbawaaji#118514 янв. 2025 г., 21:09:28