Massive Blizzard security breach: change your password

About The Author

CNET Editor

Michelle Starr is the tiger force at the core of all things. She also writes about cool stuff and apps as CNET Australia's Crave editor. But mostly the tiger force thing.

Blizzard has notified customers that an internal security breach has compromised user log-in details.

(Credit: Blizzard)

The company, which runs game servers for several MMO titles, including World of Warcraft, StarCraft II and Diablo III, published an announcement on its website advising customers to change passwords.

The breach, the post explained, was an internal one.

This week, our security team found an unauthorised and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened.

So far, Blizzard has found no evidence that financial information, such as credit card details, billing addresses or real names, had been compromised, but a list of email addresses for all players outside of China was accessed.

In addition, for players on the North American servers (which includes Australia and New Zealand), answers to personal security questions and information about Authenticators were also accessed — as well as cryptographically scrambled versions of passwords. Note that these are not the actual passwords — the person or people who stole them will have to unscramble them in order to gain access to accounts.

Blizzard will be prompting users to change their passwords, change their personal security questions and, if you have an Authenticator, to upload the Authenticator software.

For more information, Blizzard has compiled an FAQ here.

Add Your Comment 2

Post comment as

Chandler posted a comment   

Again, what is with companies and their notification to customers of security breaches. I haven't been on a Blizzard website in months, if not years. This is the first place I heard of the breach, and I have not received any email from Blizzard notifying me (a Battle.Net account holder) of the breach.

Poor effort Blizzard. Poor effort.


Michelle Starr posted a reply   

They're going to be emailing users in the days ahead, but I don't think notifying media as a first step is a bad idea - it definitely gets the word out!

Sponsored Links

Recently Viewed Products