Blizzard Hacked, Emails and Secret Question Answers Stolen
Blizzard investigates the severity of a security breach that occurred earlier this week.
Earlier today, Blizzard announced some unsettling news for Battle.net users. The company's security team found evidence this week that a security breach took place.
While the team was able to quickly close off access and has already contacted law enforcement and security expert agencies for assistance, the company states that some information was compromised during the breach.
At this time, the company hasn't found any evidence that sensitive financial information such as addresses, names or credit cards have been compromised, but the investigation is ongoing.
As for what was compromised, the company states:
Some data was illegally accessed, including a list of email addresses for global Battle.net users, outside of China. For players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed. Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts.
In addition to the emails and secret question answers, Blizzard states that cryptographically scrambled Battle.net passwords were also taken. But the company says Battle.net passwords feature an additional layer of security using Secure Remote Password protocol (SRP), making it difficult for hackers to extract the actual passwords without having to decipher each password individually.
Regardless, it is still suggested that players on North American servers change their passwords on Battle.net and any other accounts with the same password. As the investigation continues, Blizzard will prompt its North American players to change their secret questions and answers through an automated process.
For more information on the hacking, read Blizzard's official statement here, along with the additional FAQ page they have on the breach.
I only have Diablo III which I have not played in close to 2 months. They can keep it as I am done with Blizzard. Since Activision merged with Blizzard, they are as bad as EA.
I only have Diablo III which I have not played in close to 2 months. They can keep it as I am done with Blizzard. Since Activision merged with Blizzard, they are as bad as EA.
For real, if you have any blizzard game go try it. Case means nothing type a pass all cap/all small/or mixed it does not care at all.
The same thing most cloud lovers do by continuing to calm the cloud is secure hack after hack, trying to find excuses for each while there is none other than denial of the risk it poses to collect all eggs in one spot. Sure its possible to make a system very hard to hack but in truth no system is completely unhackable and the more interesting information it contains the more likely it will attract the attacks of the really skilled people.
Yeah, the hackers have to play world of casual pandacraft and diablo 3 if they get my account, thats enough punishment for hacking
Why?
Sony brought it on themselves. The exploit used was as basic as you can get when it comes to hacking.
If they had good security they wouldn't be hacked as no one would go through that much trouble for no gain.
Just tried it, apparently you never have. They are case sensitive.
It's not like BNet is the only place which stored our personal details. There are FB, Amazon, PP, Newegg maybe, xlive/psn, steam, etc.
Also it's been clear since long ago that D3 would be online-only, you are not forced to buy the game.
World of Warcrafts Password is case sensitive
Diablo 3's Password is Not case sensitive
I know this from testing it my self back when D3 first launched. People where mighty upset you could not use symbols in your password and it was not case sensitive making it super easy to brute force.
I really like to know why there is a difference between the two systems.
How difficult it was to get in isn't really relevant. They were still the victim of an illegal act. If someone accidently leaves their front door unlocked, that isn't justification for someone else to enter their house and rob them. Was leaving the door locked the owner's fault? Absolutely, but if someone really wanted to break into your house there is very little you could do stop them. A locked door will not stop a skilled thief. Same thing goes here, these companies may not have the most sophisticated security systems in place, but their is very little they can do to stop skilled hackers that are targetting them no matter what practical lengths they go through to secure their network.
And all the fan kiddies assured everyone that Blizzard could never get hacked, that online only meant no duping and no exploits such as a class being able to be invulnerable.
Well, all 3 has happened.
Of course since Blizzard crippled the authentication system with the "feature" of not asking for the authenticator if the login server thinks your account is being logged in from the same IP adress which took possible hacking from the rare and difficult Man in the Middle Attack to the much easier IP spoofing, I'm not shocked because they have proven they are not all that concerned with security.
Man, stop talking bull***s please. Diablo 3 and WOW uses the same password from Battle.net, which is CASE SENSITIVE.
I tested it my self obviously ur either a troll our ignorant they are the same password just in D3 its not case sensitve which is scary.