Battle.net accounts compromised

Blizzard announced Thursday that it had discovered and closed a Battle.net security breach, and is now working with law enforcement and security experts to determine what happened. Among the illegally accessed data was a list of email addresses for global Battle.net users outside of China, and the cryptographically scrambled versions of Battle.net passwords for players on North American servers.

Blizzard uses Secure Remote Password Protocol (SRP) to protect user account passwords, which means that each password needs to be deciphered individually, making it very difficult to derive the actual passwords from the breach. While these cryptographically scrambled Battle.net passwords are not easily usable by malicious parties, Blizzard is still encouraging players that use the North American servers to change their password. Additionally, if you use your Battle.net password on other services, you should first change those passwords as well. Second, shame on you.

Other user account information that was taken in the breach was the answer to the account's personal security question, and information relating to Mobile and Dial-In Authenticators.

However, Blizzard claims that all the stolen information is NOT enough to illicitly gain access to Battle.net accounts, based on what the company currently knows, so you should be able to breathe a sigh of relief. For now.

Credit cards, billing addresses, and real names have apparently not been compromised, according to the evidence Blizzard has dug up on the breach so far.

Blizzard will launch an initiative to prompt players on the North American servers to change their secret questions and answers in the near future. They will also release an update for Battle.net authenticator apps on mobile devices. As a final reminder, Blizzard Entertainment will never ask for your password through email, so definitely disregard any such requests if you receive them.

Source: Blizzard

Report a problem with article
Previous Story

Microsoft to release nine software updates next week

Next Story

Xbox 360 tops US game console sales again in July 2012

5 Comments

Commenting is disabled on this article.

considering Blizzard has been anti gamer for awhile. not really surprised someone took a shot at them. Think I'll cheer that one on

Shocking! Battle.net security has been a joke for years. Hopefully they'll learn something from this and actually fix it this time.

EU Battle.net site is looking worse for wear at the moment. Obviously like myself, a lot of concerned users are trying to update / change account info.

Not too worried. I use my authenticator, and the PW's arent really readable. Ill reset the info and luckily my PW's are all unique! (specially now that ive changed my Steam password as of 30 seconds ago!)