Data Breach Notification
|
FYI
I just created a new account with password 123456 WOW 2025 =) apply password complexity rule takes about ..... nothing? Register Special character more than 8 characters Number This is probably something from Pentagon cybersecurity... impossible to implement in real life. UPDATE I wondered if I could make a password out of 1 character) SO: Password must be at least 5 characters long and guess what. these brave 5 characters have been protecting us all these years. Successfully! until today.. Last edited by mbitsu#0616 on Jan 14, 2025, 10:19:54 PM
|
|
|
This is cool and all but... could we get some new weapons? Pretty please?
Thanks, Love you |
|
|
So wheres the mystery boxes GGG? A colossal screw up such as this should warrant this at least. Give us more than 1 since this has such massive implications
You can't even change password safely as the hackers have more confidential information about you that even if you change it, there is still a good chance it gets stolen... On top of everything, anyone that supported the game heavily and have physical goods sent practically got doxxed... Are you going to move them GGG? What if they came under malicious harm(altho im sure they couldn't since the main focus is stealing items in game)? But seriously, the more you think of the implications and what-ifs the issues get larger and larger | |
|
W transparency
|
|
|
Really appreciate the transparency. Something that's missing in most game companies nowadays.
|
|
|
This isn't transparency LOL this is the worst attempt to coverup the full scope of just how damaging this could be.
|
|
" Why are you not capitalizing Steam? Yes.
|
|
" Hello dear friend. Your house burned down, sorry. I tell you honestly, we just don't have fire safety. I tell you completely transparently. From the bottom of my heart. Moreover, it was our employee who set it on fire. Last edited by mbitsu#0616 on Jan 14, 2025, 10:44:08 PM
|
|
|
So is it necessary to change our passwords? I see the attacker is unable to see our passwords.
|
|
|
No mention of steps that will be taken to contact victims, heck it doesn't even seem like GGG knows how many victims there are beyond the several dozen who had their passwords changed. No telling how many accounts got their emails/addresses/IPs/steam IDs swiped. And why did this unhelpful notification take so long to come out? This issue was mentioned in the POE2 QA two days ago and even on Sunday the devs made it sound like they had already known about this for a while, how long does it take to assess the damage before you start contacting people whose personal info was stolen?
I wanted to be charitable, but sorry isn't good enough. Security obviously was not a priority for GGG and now your customers are paying the price for your incompetence. How 3rd party connections were even allowed for admin accounts is utterly baffling and should give any decent security manager a panic attack, not to mention the lack of 2fa for even your internal admin accounts. You guys aren't a small indie studio making a glorified D2 clone anymore, you're a major digital company with access to hundreds of thousands if not millions of people's personal info from all over the world. Act like it. |
|
