More Hacking Without The Slashing

Blizzard Ninja ProtectionIt seems that earlier this week (8/5/2012 –  8/11/2012) the network and I am sure some servers at Blizzard, the game company behind most notably World of Warcraft got hacked. A list of games that are either played or are accessible online are at the end of this post for your reference in order to help determine if this company is behind a game that you play/like.

At this time, Blizzard “security experts”, and law enforcement are investigating what happened. They are working to find out how someone managed to get into parts of Blizzard’s network where they didn’t belong, but also what information might have been lifted before the nefarious access could be cut off Go Here. So far, Blizzard claims that at this time there is no evidence that any financial information such as credit cards, billing addresses, or real names were compromised. Their work is far from over, but they have found nothing to suggest that these pieces of information have been accessed.

The only information that they can confirm was illegally accessed include a list of email addresses for global Battle.net users, outside of China. Players on North American servers (which include players from North America, Latin America, Australia, New Zealand, and Southeast Asia) had information regarding the answers to personal security questions accessed, and even information about Dial-in and Mobile Authenticators was gotten too. However, based on what Blizzard currently knows, this information alone is not enough for anyone to gain access to players Battle.net accounts.

It appears too that some encrypted passwords were taken as well, however, Blizzard is confident that their encryption methods and use of SRP (Secure Remote Password protocol) to protect these passwords, will make it extremely difficult to extract the actual passwords themselves. They do recommend that all Battle.net users change their passwords for good measure, and take care if the password used here is or was used anywhere else, for any other services, and recommend changing that password also.

All in all, this is a bad way to end the week for Blizzard. I expect that a great effort will go into finding whoever did this, catching them, and using them as a bright and shiny example of not messing around with Blizzard. Just my 2cp worth.

*Notes: Other games that Blizzard is known for and currently active with include World of Warcraft, Diablo II, Diablo III, StarCraft II and more. However, these are the most relevant and Internet connected of them.