Blizzard's Battle.net Hacked; Company Recommends All Users Change Their Passwords

by

NewImageBlizzard Entertainment, the company behind Warcraft, Starcraft and Diablo, today informed customers that their internal security network had been breached.

The company doesn't believe that financial information has been compromised but other data including email addresses for all non-China players and scrambled passwords were taken. The company believes it will be extraordinarily difficult for hackers to break into actual accounts, but is recommending that all users change their passwords.

Blizzard does offer the Battle.net Mobile Authenticator [App Store], an iPhone app that dynamically generates a new six-digit code every minute. Users can't log into any Battle.net account -- either through a game or on a website -- without the code. It virtually eliminates unauthorized access to the Battle.net account and it is recommended for all Battle.net accountholders.

Here is the letter from Blizzard CEO Mike Morhaime:

Players and Friends,

Even when you are in the business of fun, not every week ends up being fun. This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened.

At this time, we've found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed.

Some data was illegally accessed, including a list of email addresses for global Battle.net users, outside of China. For players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed. Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts.

We also know that cryptographically scrambled versions of Battle.net passwords (not actual passwords) for players on North American servers were taken. We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually. As a precaution, however, we recommend that players on North American servers change their password. Please click this link to change your password. Moreover, if you have used the same or similar passwords for other purposes, you may want to consider changing those passwords as well.

In the coming days, we'll be prompting players on North American servers to change their secret questions and answers through an automated process. Additionally, we'll prompt mobile authenticator users to update their authenticator software. As a reminder, phishing emails will ask you for password or login information. Blizzard Entertainment emails will never ask for your password. We deeply regret the inconvenience to all of you and understand you may have questions. Please find additional information here.

We take the security of your personal information very seriously, and we are truly sorry that this has happened.

Sincerely,
Mike Morhaime

Top Rated Comments

(View all)
Avatar
104 months ago
I haven't anything worth stealing. My loot is crap.
Score: 16 Votes (Like | Disagree)
Avatar
104 months ago
Like i never thought about this.

But its actually scary to leave electronic footprints with all the hacking going on these days.

Sony, blizzard, and many many others.

I want to a delete all button on the internett for my info
Score: 10 Votes (Like | Disagree)
Avatar
104 months ago
And why do we always have to be "online" even when not doing anything multiplayer-related? Why doesn't Blizzard (or others such as Steam) explain that to us?

Ah, the good ol' days of true offline independence...
Score: 9 Votes (Like | Disagree)
Avatar
104 months ago
One word: LOL
Score: 9 Votes (Like | Disagree)
Avatar
104 months ago
Ouch, that's pretty bad news for a lot of people. I'm really happy I chose Computer Security and Forensics as my degree, hopefully I'll be able contribute ways to prevent this sort of thing in the future, really can't wait =D
Score: 8 Votes (Like | Disagree)
Avatar
104 months ago
Eat that, blizzard for not letting us play single Diablo III offline. What the heck with privacy these days?

If people want to cheat and exploit single player session, so be it. They shelled out $60 just for the purpose, remember? So, aren't they supposed to like ... own the game? :rolleyes:
Score: 6 Votes (Like | Disagree)

Top Stories

Apple Warns Against Closing MacBooks With a Cover Over the Camera

Friday July 10, 2020 11:12 am PDT by
Apple this month published a support document that warns customers against closing their Mac notebooks with a cover over the camera as it can lead to display damage. Image via Reddit Apple says that the clearance between the display and the keyboard is designed to very tight tolerances, which can be problematic. Covering the camera can also cause issues with automatic brightness and True Tone....

iPhone Users Who Experienced 'Batterygate' Can Now File to Receive Around $25 Settlement From Apple

Monday July 13, 2020 6:50 am PDT by
Earlier this year, Apple agreed to settle a U.S. class action lawsuit that accused the company of "secretly throttling" older iPhone models. Now, eligible iPhone owners are beginning to be notified about their legal rights and options. Under the proposed settlement, Apple will provide a cash payment of approximately $25 to each eligible iPhone owner who submits a claim, with its total payout ...

Possible 'iPhone 12' Battery Certifications Suggest Lower Capacities Than iPhone 11 Series

Monday July 13, 2020 4:22 am PDT by
MySmartPrice has spotted certifications for three new Apple batteries that it believes could be for the upcoming iPhone 12 lineup, despite them being less capacitive than the batteries in the current iPhone 11 series. The batteries are identified with the model numbers A2471, A2431, and A2466, and appear on Safety Korea, China's 3C, and the Danish agency UL Demko. Apple is expected to...

Google to 'Dramatically' Improve Chrome Impact on Mac Battery Life

Sunday July 12, 2020 1:56 pm PDT by
Google will address long-standing battery life issues, particularly on Mac devices, reports The Wall Street Journal. Chrome will improve "tab throttling" by better prioritizing active tabs and limiting resource drain from tabs open in the background. This is said to have a "dramatic impact on battery and performance." Google has reportedly been performing early tests on Mac laptops in...

Arm-Intel-PowerPC Universal Binaries Are Possible

Saturday July 11, 2020 1:42 pm PDT by
Casual MacRumors visitors may not realize that we have a very active PowerPC forum where users discuss issues related to PowerPC Macs that have not been produced since 2006. Threads range from hardware upgrades and software options to nostalgia: Photo by AphoticD Apple's recently announced transition to Apple Silicon (Arm) based Macs raised some interesting questions about future support...

Apple Pays Samsung an Estimated $950 Million for Missing OLED Panel Purchase Targets

Monday July 13, 2020 10:03 am PDT by
Apple in the second quarter of 2020 paid Samsung approximately $950 million for not meeting OLED panel purchase goals established in agreements between the two companies, according to display analysts at Display Supply Chain Consultants. Samsung last week shared guidance on revenue and operating profit for the second quarter of 2020, which included a one-time gain related to its display...

Apple Shares Humorous 'Working-From-Home Thing' Video

Monday July 13, 2020 9:31 am PDT by
Apple today shared a funny video focused on the problems that people working from home have to deal with, including noisy children, chaotic schedules, communication issues, and more. The video focuses on showing off Apple products and their capabilities that can be useful when working from home, such as the ability to scan a document with an iPhone, mark up a PDF, Siri Reminders, and more.The...

SoftBank Considering Possible Sale of Arm Holdings as Apple Gears Up for Arm-Based Macs

Monday July 13, 2020 2:00 pm PDT by
SoftBank, the company that owns chip designer Arm Holdings, is exploring options that include a full or partial sale or a public offering, reports The Wall Street Journal. SoftBank is working with Goldman Sachs Group as an advisor, and the explorations are at an early stage. The Wall Street Journal says that it's unknown how much interest there would be in Arm from financial or industry...

Rumor Suggests New Apple App for Windows Could Be Coming Soon

Tuesday July 14, 2020 1:54 am PDT by
Apple could be working towards the release of a new app for Windows 10, according to a report this week from an Italian website. The blog Aggiornamenti Lumia suggests that an app from Apple is "coming soon" to the Microsoft Store, but stops short of providing additional details. Apple still maintains a Windows version of the iTunes app, which has been discontinued on Mac and replaced by...

Deals: Amazon Taking $400 Off 16-Inch MacBook Pro, Starting at New Low Price of $1,999.99 for 512GB

Monday July 13, 2020 5:34 am PDT by
Amazon has introduced a new low price on Apple's 16-inch MacBook Pro today, including both 512GB and 1TB models. Starting with the 512GB model (2.6GHz 6-Core, 16GB RAM), you can get this notebook for $1,999.99, down from $2,399.00. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running....