This article was published on August 10, 2012

Not a game: Blizzard’s Battle.net was hacked and they want you to change your password


Not a game: Blizzard’s Battle.net was hacked and they want you to change your password

If you’re a PC gamer and play World of Warcraft, Diablo or Starcraft, you might want to log into Battle.net and change your password immediately. The company behind it, Blizzard, has confirmed that the site has been hacked.

Here’s what Blizzard’s co-founder and President Michael Morhaime had to say about the hack:

This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened.

At this time, we’ve found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed.

The company says that a list of email addresses for gamers outside of China were accessed. For those in the US, Australia, New Zealand and Latin America, your personal security question and mobile and dial-in authentication information was also accessed. Crap. Luckily, no credit card information was thieved…that Blizzard knows of yet.

Blizzard doesn’t seem overly concerned: “Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts.” it said in its release. I think it’s too early to be so sure, considering that its investigation has just begun.

The company will be asking users to change their secret question information as well, but the first step is to change your password immediately:

We also know that cryptographically scrambled versions of Battle.net passwords (not actual passwords) for players on North American servers were taken. We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually. As a precaution, however, we recommend that players on North American servers change their password.

Hacks certainly affect how much people trust a company, just ask LinkedIn, eHarmony and Sony, for example.

Get the TNW newsletter

Get the most important tech news in your inbox each week.