Blizzard servers hacked, some personal info compromised
by Andrew Yoon, shacknews.com, Aug 9, 2012 4:15PM PDT
Perhaps it's been too long since you've reset your password in a mad attempt to secure your privacy? Blizzard has announced that they have discovered "unauthorized and illegal access into our internal network."
In a statement, the company says that there's "no evidence" that any financial information, including credit cards, billing address, and real names, has been compromised. Blizzard notes that their investigation is ongoing, "but so far nothing suggests that these pieces of information have been accessed."
E-mail addresses for Battle.net users was accessed, in addition to the answer to the personal security question, and information relating to mobile and dial-in authenticators. In a post on Blizzard's official website, Mike Morhaime writes that "this information alone is NOT enough for anyone to gain access to Battle.net accounts."
In addition, the cryptographically scrambled versions of Battle.net passwords was also taken. Because SRP is used to protect the passwords, it would be "extreme difficult" to extract that information. However, Blizzard is encouraging all players to change their password. And as always, if you use similar log-in information elsewhere, it would be wise to change that info as well.
Players will be prompted to change their secret questions and answers in an automated process in the coming days. In addition, mobile authenticator users will be asked to update their software. "As a reminder, phishing emails will ask you for password or login information. Blizzard Entertainment emails will never ask for your password," Morhaime adds.