Blizzard hacked - Scrolls of Lore Forums

		Scrolls of Lore Forums > Blizzard Discussion > General Blizzard Discussion
Blizzard hacked

Thread Tools

Display Modes

08-09-2012, 04:00 PM

Garotar

Site Staff - News

Join Date: Aug 2011

Posts: 4,140

Blizzard hacked

http://us.blizzard.com/en-us/securityupdate.html

Players and Friends,

Even when you are in the business of fun, not every week ends up being fun. This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened.

At this time, we’ve found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed.

Some data was illegally accessed, including a list of email addresses for global Battle.net users, outside of China. For players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed. Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts.

We also know that cryptographically scrambled versions of Battle.net passwords (not actual passwords) for players on North American servers were taken. We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually. As a precaution, however, we recommend that players on North American servers change their password. Please click this link to change your password. Moreover, if you have used the same or similar passwords for other purposes, you may want to consider changing those passwords as well.

In the coming days, we'll be prompting players on North American servers to change their secret questions and answers through an automated process. Additionally, we'll prompt mobile authenticator users to update their authenticator software. As a reminder, phishing emails will ask you for password or login information. Blizzard Entertainment emails will never ask for your password. We deeply regret the inconvenience to all of you and understand you may have questions. Please find additional information here.

We take the security of your personal information very seriously, and we are truly sorry that this has happened.

Sincerely,
Mike Morhaime

#2 08-09-2012, 04:04 PM
Gadinhad Eternal Join Date: Oct 2011 Posts: 3,168	Luckily, I have an authenticator. __________________

#3 08-09-2012, 04:32 PM
Reignac Arch-Druid Join Date: Oct 2011 Location: Yes. Posts: 1,710	Well crap.

#4 08-09-2012, 04:35 PM
Omacron Join Date: Apr 2007 Location: New York Posts: 26,526 BattleTag: Omacron#1477	__________________

#5 08-09-2012, 05:09 PM
Arashi Keeper of the Grove Join Date: Oct 2011 Posts: 621	http://imgur.com/z45ky I found the culprit! __________________ Obnoxious image or quote goes here.

08-09-2012, 05:13 PM

Arbi

Druid of the Talon

Join Date: Dec 2011

Location: Canada

Posts: 81

BattleTag: Arbi #1298

I've got an authenticator, but I changed up my passwords (which are usually just random strings of 20 or so letters of numbers I memorize, anyway) and swapped up my secret question's answer.

It's probably bad my Battle.net account is the only online account of mine I actually care enough about to be so zealous with its security. Oh well. Dunno what i'd do without my B.net. Too much time invested to lose it now.

__________________
Oh hi, i'm that guy. Built so fly like a silk bow tie. Don't know why i'm built so fly, but I am; no lie.

"There is nothing impossible to him who will try."-
Alexander the Great

08-09-2012, 05:50 PM

Montoya

Warden

Join Date: Oct 2011

Posts: 706

BattleTag: Montoya#1769

Quote:

Originally Posted by Arbi

how do you change your secret question's answer? I changed the password, but can't find the option to change security questions or answers

__________________
"I count him braver who overcomes his desires than him who conquers his enemies; for the hardest victory is over self."

08-09-2012, 06:01 PM

Fojar

Elune

Join Date: Aug 2010

Location: Toronto, Lordaeron

Posts: 10,299

Apparently Mobile and Dial-In authenticator data was also exposed.

I know what the mobile one is but what's the Dial-In authenticator? I have the key-chain one, is that one still good?

__________________
"Noble countrymen, evil is upon us. Darkness has befallen our shores. Rise and slay thy enemies… strike, strike so others shall live. The meek shall not fade into the night… live my brethren, live." - King Terenas Menethil II

#9 08-09-2012, 06:05 PM
Garotar Site Staff - News Join Date: Aug 2011 Posts: 4,140	Key chain should be fine since they still don't have the hardware. The thing with the mobile one is that with the right information, someone can spoof your authenticator by setting up one with similar parameters. The dial in one isn't the best security anyway.

#10

08-09-2012, 07:03 PM

cosmictimelion cosmictimelion is offline

Eternal

Join Date: Apr 2011

Posts: 4,145

Quote:

Authenticators won't save your credit card numbers from being stolen

#11

08-09-2012, 07:05 PM

Millenia

Elune

Join Date: Jan 2012

Posts: 6,169

BattleTag: Millenia#1386

Quote:

Originally Posted by Fojar

I know what the mobile one is but what's the Dial-In authenticator?

I think that's the text messaging one. You try to log in, they text you the code, and you input it and stuff.

__________________
1) You can't win.
2) You can't break even.
3) You can't leave the game.

Quote:

Originally Posted by Mustrum

Because if a storyteller is doing his job, he makes you care. And if that storyteller then says "I dunno, then they stopped fighting, I guess," without any explanation or clarification, his audience has every right to be pissed off. Because they were given reason to stay interested, reason to keep up with his tale, only to be shut down just as things were getting good. A waste of time, a waste of emotional tension, a waste, if you fail to grasp the significance of narrative, of money.

#12 08-09-2012, 10:28 PM
The Nightbringer Wisp Join Date: Aug 2012 Location: Silence Tower Posts: 4	Troubling to hear. In fact, I don't think I've ever heard of Blizzard being hacked before.. [drama]Were the staff cuts THAT bad that they can't even handle their own security? GAWD.[/drama] __________________

#13 08-09-2012, 10:34 PM
Sonneillon Elune Join Date: Jun 2010 Posts: 5,683 BattleTag: Sonneillon #1112	Password changed... now I get to struggle to log in for the next few months. Dont see where to change the "security question" though.

#14

08-09-2012, 11:28 PM

Porimlys

Elune

Join Date: Apr 2011

Location: Portland, Oregon

Posts: 7,953

BattleTag: CptCarrot #1688

Quote:

That Mike Morhaime sounds like he wants us to blame the chinese for the recent security issue?

"Some data was illegally accessed, including a list of email addresses for global Battle.net users, outside of China."

Telling people china was not accessed, makes the reader ask why they weren't. Its not explained why so as a player who plays wow you could jump to the conclusion that they are responsible.

Just saying with how people hate gold farmers. Isn't that bad?

Dumbest post I've seen on the subject so far.

#15 08-10-2012, 01:38 AM
Bolvar (╯°□°）╯︵ ┻━┻ Get Off My Lawn! Join Date: Feb 2009 Location: Get off my lawn! Posts: 13,549	Good that they alerted the player base; hopefully it's as not-serious as they say.

#16

08-10-2012, 04:13 AM

Garotar

Site Staff - News

Join Date: Aug 2011

Posts: 4,140

Quote:

Originally Posted by Sonneillon

Password changed... now I get to struggle to log in for the next few months. Dont see where to change the "security question" though.

There isn't one right now outside calling them. They're developing it at the moment.

#17 08-10-2012, 04:48 AM
SmokeBlader Elune Join Date: Feb 2010 Location: Black Harvest Lair Posts: 11,177	__________________

#18

08-10-2012, 09:03 AM

Fojar

Elune

Join Date: Aug 2010

Location: Toronto, Lordaeron

Posts: 10,299

Quote:

Originally Posted by Porimlys

Dumbest post I've seen on the subject so far.

China probably wasn't affected because

A) The hackers were probably Chinese.

B) China probably has their own servers.

C) There's an additional layer of security on Chinese servers in the form of the Great Firewall.

#19 08-10-2012, 10:05 AM
Omacron Join Date: Apr 2007 Location: New York Posts: 26,526 BattleTag: Omacron#1477	Blizzard doesn't operate their own Chinese servers, that's done by a contractor called NetEase I believe. Remember when WoW was down in China for like a year because they couldn't work out a contract out there? __________________

#20

08-10-2012, 06:36 PM

Millenia

Elune

Join Date: Jan 2012

Posts: 6,169

BattleTag: Millenia#1386

Quote:

Originally Posted by Voodis

Password changed... now I get to struggle to log in for the next few months.

You should do what I do with some of my more complicated passwords and write them down on a piece of paper. Of course, it helps if you're surrounded by people who aren't total assholes, or have an authenticator.

__________________
1) You can't win.
2) You can't break even.
3) You can't leave the game.

Quote:

Originally Posted by Mustrum

« Previous Thread | Next Thread »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

All times are GMT -7. The time now is 05:56 AM.