Blizzard Hacked, Emails and Secret Question Answers Stolen

Earlier today, Blizzard announced some unsettling news for Battle.net users. The company's security team found evidence this week that a security breach took place.

While the team was able to quickly close off access and has already contacted law enforcement and security expert agencies for assistance, the company states that some information was compromised during the breach.

At this time, the company hasn't found any evidence that sensitive financial information such as addresses, names or credit cards have been compromised, but the investigation is ongoing.

As for what was compromised, the company states:

Some data was illegally accessed, including a list of email addresses for global Battle.net users, outside of China. For players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed. Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts.

In addition to the emails and secret question answers, Blizzard states that cryptographically scrambled Battle.net passwords were also taken. But the company says Battle.net passwords feature an additional layer of security using Secure Remote Password protocol (SRP), making it difficult for hackers to extract the actual passwords without having to decipher each password individually.

Regardless, it is still suggested that players on North American servers change their passwords on Battle.net and any other accounts with the same password. As the investigation continues, Blizzard will prompt its North American players to change their secret questions and answers through an automated process.

For more information on the hacking, read Blizzard's official statement here, along with the additional FAQ page they have on the breach.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
36 comments
    Your comment
    Top Comments
  • rantoc
    I feel even more sorry for the people who just wanted to play Diablo 3 in single-player and due to the forced online play now had their email addresses ect in the wrong hands. I really hope that nothing more was leaked. The cloud is secure enough! /end sarcasm!
    24
  • schnitter
    Oh wow, as if the e-mails "Your WoW account has been suspended, click this link to reactivate" weren't already rolling in (don't even play that game), now it will be worse.

    I only have Diablo III which I have not played in close to 2 months. They can keep it as I am done with Blizzard. Since Activision merged with Blizzard, they are as bad as EA.
    19
  • wildkitten
    Well, I wonder what all the blind fan kiddies who said Blizzard could never get hacked will say now.
    17
  • Other Comments
  • christarp
    man i feel sorry for all these companies this is happening to, blizzard, sony, linkedin, etc. Sucks to see it happen.
    -22
  • christarp
    Man i feel sorry for all these companies this is happening to. Blizzard, sony, linkedin, etc
    -17
  • schnitter
    Oh wow, as if the e-mails "Your WoW account has been suspended, click this link to reactivate" weren't already rolling in (don't even play that game), now it will be worse.

    I only have Diablo III which I have not played in close to 2 months. They can keep it as I am done with Blizzard. Since Activision merged with Blizzard, they are as bad as EA.
    19