Blizzard's Battle.net hacked, change your passwords now - gHacks Tech News

Blizzard's Battle.net hacked, change your passwords now

Blizzard, developer of such popular brands of gaming such as World of Warcraft, Starcraft and Diablo, is one of the most popular PC game companies. Its World of Warcraft MMORPG for instance still has nine million players that pay the company a monthly subscription fee to play the game.

A security update has been posted on the Blizzard website that is informing all customers of the company that it has discovered unauthorized and illegal access to its internal network.  Blizzard noticed the break-in this week and has since then been working with security experts and law enforcement to investigate the hack.

battle net

According to the security update, the hackers managed to get their hands on the following data sets:

  • A global list of email addresses of Battle-net users
  • For North-American players, which includes Latin America, Australia, New Zealand and Southeast Asia), the answers to the personal security question, and information about Mobile and Dial-in authenticators were accessed as well.
  • The encrypted passwords of players on North American servers have also been dumped by the attackers.

Investigators found no evidence that financial information, such as credit cards or real names, were compromised.

The attackers either were after North American user and account information, or managed to only get access to those. Since they managed to dump encrypted user passwords, it is likely that they have already started to use dictionary-based and maybe even brute-force attacks to decrypt those passwords.

Blizzard asks all North-American users to change their battle.net account passwords immediately to protect the account from unauthorized access. Users who have been using the same password on other services are asked to change the password at those web services to protect the accounts as well.

Blizzard lastly announced that it will prompt all players on North American servers to change their secret questions and answers in the coming days to block this way of accessing user accounts. The company furthermore will distribute an update for its mobile authenticator software.

Update: The attack was detected by Blizzard on August 4 according to a FAQ page.

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. Dante said on August 10, 2012 at 2:16 pm
    Reply

    What’s funny is that most people actually give out their real mother’s name and whatnot in the personal infos. All stored and packaged for the next hack.

  2. b003 said on August 12, 2012 at 3:36 am
    Reply

    Never had an account and yet I always get tons of battlenet spam.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.