blizzard games Blizzard Battle.net network hacked, millions affected

Blizzard has revealed that its Battle.net servers have been hacked, leading to millions of account details being stolen by hackers.

Blizzard has revealed that its Battle.net servers have been hacked, leading to millions of account details being stolen by hackers.

 
The service is employed in all of Blizzard's popular games, including World of Warcraft, Diablo 3 and StarCraft 2. The news is particularly bad considering the upcoming release of an expansion for World of Warcraft, called Mists of Pandaria, set to launch on 25 September.
 
The data accessed by cybercriminals includes email addresses, security question answers for players on North American servers, and information relating to authenticators, including the mobile authenticator app. More worryingly for North American players is that cryptographically scrambled passwords were also taken, though they may be extremely difficult to unscramble, which at least shows that Blizzard is responsible with password data. Only those outside of China are affected by the hack.
 
World of Warcraft   Mists of Pandaria Box Art Blizzard Battle.net network hacked, millions affected
 
Blizzard believes that this data alone is not enough to gain access to an account, but it is still urging players to change their passwords. It suggested changing passwords elsewhere if the passwords are the same or similar, though that is always a major faux pas in net security. The company also emphasised that it never looks for passwords in emails, warning of the potential of phishing scams.
 
Blizzard will be forcing players to change their security questions and update their authenticator software in the coming days. Traditionally an authenticator is considered one of the best ways to ensure account security, but not if Blizzard's own servers have been compromised.
 
So far there has been no suggestion of financial information, such as credit card data and billing addresses, having been accessed in the attack, but Blizzard said that its investigation is ongoing. It has reported the situation to the police and to security experts.
 
The company apologised for the security breach, stating that it is “truly sorry” for what has transpired. For any of the millions of players whose accounts are now at risk, however, that apology may not be enough.