Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

World of Warcraft: NA Account Information Compromised

SBFordSBFord Former Associate EditorMember LegendaryPosts: 33,129

Blizzard is reporting that certain pieces of information for North American Battle.Net users has been compromised due to a hacking incident this week. According to the post on the Blizzard site, financial information is not considered threatened but account passwords, email addresses, security questions and mobile authenticator data were taken.

We also know that cryptographically scrambled versions of Battle.net passwords (not actual passwords) for players on North American servers were taken. We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually. As a precaution, however, we recommend that players on North American servers change their password. Please click this link to change your password. Moreover, if you have used the same or similar passwords for other purposes, you may want to consider changing those passwords as well.

Read the entire post on Blizzard's site.

image


¯\_(ツ)_/¯ 


«13

Comments

  • expressoexpresso Member UncommonPosts: 2,218
    OK now Blizzard have been hacked, you see when Blizzard is really hacked they do tell people like all responsible companies do.
  • LobotomistLobotomist Member EpicPosts: 5,981
    I guess it means that also Diablo accounts are compromised , together with all the money in RMAH ?



  • niceguy3978niceguy3978 Member UncommonPosts: 2,051
    Originally posted by expresso
    OK now Blizzard have been hacked, you see when Blizzard is really hacked they do tell people like all responsible companies do.

    This won't stop people from insisting that blizz has been compromised for years otherwise they wouldn't have "so many" hacked accounts.  Of course they have more accounts (potential targets) than any other sub game ever, but that doesn't matter.

  • niceguy3978niceguy3978 Member UncommonPosts: 2,051
    Originally posted by Lobotomist
    I guess it means that also Diablo accounts are compromised , together with all the money in RMAH ?
     

    In order to use the RMAH you have to have one or more forms of the authenticator, I believe.  I could be mistaken, I haven't bothered with it.

  • PsychowPsychow Member Posts: 1,784
    I guess I'd better change the password on my luggage...
  • NadiaNadia Member UncommonPosts: 11,798
    this gives more merit to the Diablo3 hacked account claims
  • KarteliKarteli Member CommonPosts: 2,646

    I look forward to this incident being disected on TechSnap.

     

    http://www.youtube.com/playlist?list=PL995EBE645950DFF5&feature=plcp

     

    [You have to go down to the latest release (cuz YouTube keeps changing their structure).] btw Youtbe - listing oldest first is bad.

     

    Those guys pick every companies flaws & analyze their network vulnerabilities.  They did it for SOE + others .. waiting for Blizzard now :)

     

    Want a nice understanding of life? Try Spirit Science: "The Human History"
    http://www.youtube.com/watch?v=U8NNHmV3QPw&feature=plcp
    Recognize the voice? Yep sounds like Penny Arcade's Extra Credits.

  • nixiumnixium Member Posts: 21
    It's like hearing about a nuclear reactor exploding. But worse.
  • tawesstawess Member EpicPosts: 4,227
    Originally posted by Nadia
    this gives more merit to the Diablo3 hacked account claims

    Not really as it would be pointless to try and pry the passwords out fo this data when most people freely give up their passwords when asked.

     

    This is most likley just probing for something bigger or a e-peen stunt.

    This have been a good conversation

  • AcorniaAcornia Member UncommonPosts: 281

    The account hack battlenet had a couple of years ago is the reason I stopped playing WoW and why I hate playing any game that requires log in through battlenet type system or 3rd party systems.

    I feel that each game should have their own stand alone log in system with all personal info at least triple 256 encriped as a min protection.

  • syntax42syntax42 Member UncommonPosts: 1,385
    Originally posted by niceguy3978
    Originally posted by expresso
    OK now Blizzard have been hacked, you see when Blizzard is really hacked they do tell people like all responsible companies do.

    This won't stop people from insisting that blizz has been compromised for years otherwise they wouldn't have "so many" hacked accounts.  Of course they have more accounts (potential targets) than any other sub game ever, but that doesn't matter.

    How could a phishing scammer get your email if you only used it to register for WoW and never anything else?  My email which I only checked when I forgot my password after a long break from WoW was filled with ONLY WoW phishing emails, so I know there had to be a leak or hack.  How else would I only get WoW phishing emails and not the other junk normal spammers send?  This was back when the Burning Crusade expansion was released.

     

    Blizzard's security has been compromised for years.  The authenticators were the only thing that made it reasonable to trust them with my credit card number.  Blizzard is too big of a target for hackers and dishonest employees who are looking to make a quick buck.

  • jeremyjodesjeremyjodes Member, Newbie CommonPosts: 679

    I'm not logging in it's a trap! They want me to see some special offer to return I bet. let them have my account never going back.

     

    image

  • endgame1endgame1 Member Posts: 84

    Just one quick observation reading the faq below. They detected the security breach on August 4th, but there's no info about how long that breach may have existed before they found it. 

     

    http://us.battle.net/support/en/article/important-security-update-faq

  • RelGnRelGn Member Posts: 494
    Thats what happens when u fail to deliver a diablo 3 game.They deserve it

    image
  • LummLumm Member UncommonPosts: 134
    Another fail by Blizzard. I don't expect any less from them i guess.
  • YakkinYakkin Member Posts: 919
    Originally posted by nixium
    It's like hearing about a nuclear reactor exploding. But worse.

    Worst comparison on the internet EVER. If a nuke reactor blows up, we're all royally screwed in some way and people LOSE THEIR LIVES, or get stuck with horrifically painful forms of cancer if they get irradiated. Battle.net gets compromised? True there might end up being some problems with hackers, but it's not a supremely bad issue.

  • kadepsysonkadepsyson Member UncommonPosts: 1,919
    So much for blizzard being the Almighty secure authenticator protected infallible entity people claimed.
  • GravargGravarg Member UncommonPosts: 3,424
    it happens, at least Blizzard is upfront about it, unlike SOE which tries to hide it (or doesn't realize it happend until months later).
  • eye_meye_m Member UncommonPosts: 3,317

    so theoretically, people could lose their WoW, SC2 and Diablo 3 accounts all in one fell swoop.  Rather than say anything that could be perceived as unkind, I'll just say that at this point in time it appears it could be most unfortunate to be a patron of blizzard.

     

     

    All of my posts are either intelligent, thought provoking, funny, satirical, sarcastic or intentionally disrespectful. Take your pick.

    I get banned in the forums for games I love, so lets see if I do better in the forums for games I hate.

    I enjoy the serenity of not caring what your opinion is.

    I don't hate much, but I hate Apple© with a passion. If Steve Jobs was alive, I would punch him in the face.

  • JimmydeanJimmydean Member UncommonPosts: 1,290
    Originally posted by Gravarg
    it happens, at least Blizzard is upfront about it, unlike SOE which tries to hide it (or doesn't realize it happend until months later).

    This probably happened months ago. Oh I dunno, maybe sometime around May 15th.

  • IkedaIkeda Member RarePosts: 2,751

    (shrug) If you have a physical authenticator you're still safe :-)

     

    I want a physical authenticator for EVERY game I play now if it's an option.

  • jusomdudejusomdude Member RarePosts: 2,706

    Changed my password. even though I have a real authenticator... that was an easy fix.

    Might have some problems with people that don't pay attention to gaming news and people that don't play anymore though.

  • PsychowPsychow Member Posts: 1,784
    Originally posted by reignjuste
    Thats what happens when u fail to deliver a diablo 3 game.They deserve it

     

    Siding with hackers isn't a good thing. You could be their next target. 

  • KarteliKarteli Member CommonPosts: 2,646
    Originally posted by endgame1

    Just one quick observation reading the faq below. They detected the security breach on August 4th, but there's no info about how long that breach may have existed before they found it. 

     

    http://us.battle.net/support/en/article/important-security-update-faq

    Geez what a crappy response.  Just tell everyone to change their passwords, rather than monitor their accounts .... or do a global auto reset.

     

    WTF does monitoring an account do .. oh not hacked yet .. oh wait today I'm hacked .. lol?

     

    edit: Blizzard is using it's customers as guinea pigs to see how far the damage actualy went, so they can spin a smaller amount of affected customers.  My initial reaction still stands - tell everyone to reset their password and suck it up.  Treat customers better?

    Want a nice understanding of life? Try Spirit Science: "The Human History"
    http://www.youtube.com/watch?v=U8NNHmV3QPw&feature=plcp
    Recognize the voice? Yep sounds like Penny Arcade's Extra Credits.

  • KarteliKarteli Member CommonPosts: 2,646
    Originally posted by kadepsyson
    So much for blizzard being the Almighty secure authenticator protected infallible entity people claimed.

    The autenticator itself is pretty solid, the only way around this is to either steal the key from the authenticator (requires physical access) or to do a Man-In-The-Middle attack, where your computer acts as a proxy to some other host.

     

    Either way, it eliminates lazy crooks from obtaining your info, which composes most of thefts.

     

     

    Want a nice understanding of life? Try Spirit Science: "The Human History"
    http://www.youtube.com/watch?v=U8NNHmV3QPw&feature=plcp
    Recognize the voice? Yep sounds like Penny Arcade's Extra Credits.

Sign In or Register to comment.