Nobody’s safe on the internet it seems. Blizzard CEO, Mike Morhaime, has recently put up a big security update on their website, warning of a recent intrusion amongst their internal network. “We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened”, it reads.
They warn that email addresses for accounts outside of China have been accessed, so be extra vigilant in regards to possible phishing scams. However, they believe that all payment information, such as credit card details, remains safe.
Players on North American Battle.net servers seem to have been the prime target. For them, Blizzard say that Mobile and Dial-in authenticator details have been accessed. As have answers to users’ personal security questions. They say that this alone is not enough for anybody to access your account, but also warn that “cryptographically scrambled versions of Battle.net passwords” from North American servers have also been accessed.
Now I have no clue how one goes about “un-cryptographically descrambling” something — and I’ve possibly used the wrong terminology right there — but Blizzard seem to feel it’s a fairly secure way of storing passwords, also saying they use Secure Remote Password protocol for extra safety. Although, they are recommending that North American server users change their passwords just in case (and any other passwords that might be the same).
Lastly, they say that more action will come to prompt players to make the necessary changes, before ending with an apology. “We take the security of your personal information very seriously, and we are truly sorry that this has happened.”
If you’ve got a Battle.net account, I’d recommend you go and read the post in full and take as much or as little action as you feel is safest — and hopefully, none of us will run into any troubles with our accounts and can keep playing Blizzard’s games as happily as we usually would.