Blizzard's Network Hacked

 Pages 1 2 3 NEXT
 

Blizzard's Network Hacked

image

Hackers have gained access to Battle.net email addresses, security question answers and authenticator info.

Blizzard has joined the growing list of companies that have failed to protect their customers' private information. Today, the company announced that its security team found evidence that wily hackers had gained access to its internal network. The intrusion was discovered on August 4th.

"At this time, we've found no evidence that financial information such as credit cards, billing addresses, or real names were compromised," reads the announcement. "Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed."
What have been accessed, however, are the email addresses, personal security question answers, mobile authenticator information and cryptographically scrambled Battle.net passwords belonging to players who use North American servers. Blizzard insists that the protocols used to encrypt the password are solid, and that the information the hackers got their grubby mitts on is not enough to allow them to gain access to Battle.net accounts. Regardless, the company suggests you change your Battle.net password and, if you're using the same password for other services, change those too.

Players on North American servers will soon be prompted to change their secret question answers and passwords, and their mobile authenticators will be automatically updated.

Source: Blizzard

Permalink

This is why we can't have nice things.
Blizzard fan or not, I don't see why those selfish hackers have to ruin things so much for others.

So we just hear about this now? I mean it's almost the 10th. Thats nearly a week that they decided not to mention anything.

And it's the PSN hacker attack all over again.

So glad I didn't get Diablo 3 now.

I never thought I'd live to see the day where a company whose games are filled with duping, trade scams, account phishing, and bots would get hacked.

EU Battle.net, still a secure fortress?

*sips apple juice out of a brandy glass on a rotating chair*

'Apparently' they took data that wouldn't allow them instantaneous access so my guess is they're going to sell it to gold farming companies or decoders. It would be a monumental task but it needs you to go onto your account and change the info or you'll just be bombarded with phishing scams and attempts on your account (which hopefully with the authenticator will fail but there's enough kids out there for it to affect).

But yeah, *sigh* get ready for a fresh wave of gold sellers/farmers on your realms. Sorry US.

Because opening an Auction House with real money didn't paint a huge target on their backs.

Took 3 months? 4 months to get in?

Harbinger_:
So we just hear about this now? I mean it's almost the 10th. Thats nearly a week that they decided not to mention anything.

Would you prefer a news conference every time a company notices something erroneous, so we call all flip our collective shits until they realise it really wasn't anything at all?
And then when it IS something, we can all roll our eyes at the announcement and bitch at them for their constant scaremongering!

... I think someone could write a story out of this, but maybe make it a bit more low-tech. Instead of hacked servers, maybe... ooh, maybe a wolf could show up and eat some sheep...

Ranorak:
This is why we can't have nice things.
Blizzard fan or not, I don't see why those selfish hackers have to ruin things so much for others.

What he said.

EDIT: Initial comment retracted. But suffice it to say that I used to have respect for hackers, back when I was under the impression that real hackers never actually took anything. Now I don't know what to think.

I notice it says nothing about the keychain authenticators. Can we take that to mean that those of us with them are less at risk then the mobile authenticator users?

sir.rutthed:
I notice it says nothing about the keychain authenticators. Can we take that to mean that those of us with them are less at risk then the mobile authenticator users?

The real authenticators are massively more secure than the mobile apps.

Remember back when Blizzard was trying to convince us that turning Diablo 3 into a game that relied heavily on Always-On DRM would make the game more secure from hackers? And remember how they told us that Battle.net was just so secure and that there was no way that hackers could get in and interfere with your gameplay, even as numerous people reported that accounts were being hacked and relieved of items in Diablo 3?

Pepperidge Farm remembers. And so do I.

While I don't normally wish harm upon anyone and I feel very sorry for the poor gamers who has entrusted Blizzard with their information, I have to be honest: Blizzard deserves every last bit of this. They were the ones boldly proclaiming that Diablo 3 was the next step in hacker-free gaming, arrogantly presuming that their Battle.net system could not be hacked, and using the DRM as a platform to make more money through the Auction House. This is what kills good studios: steps towards money and away from quality.

Turn back now, Blizzard. You're going down a path that leads to EA-ism: a blind focus on corporate interests and money-making over quality assurance and putting care into your products. Once you start down the dark path, forever will it dominate your destiny!

CriticKitten:

Turn back now, Blizzard. You're going down a path that leads to EA-ism: a blind focus on corporate interests and money-making over quality assurance and putting care into your products. Once you start down the dark path, forever will it dominate your destiny!

I can't be certain, but I don't suspect Mike Morhaime or Thrall Chris Metzen to be regular readers of these forums.
Maybe try posting it on Blizzard's own?

CriticKitten:
Remember back when Blizzard was trying to convince us that turning Diablo 3 into a game that relied heavily on Always-On DRM would make the game more secure from hackers? And remember how they told us that Battle.net was just so secure and that there was no way that hackers could get in and interfere with your gameplay, even as numerous people reported that accounts were being hacked and relieved of items in Diablo 3?

Pepperidge Farm remembers. And so do I.

While I don't normally wish harm upon anyone and I feel very sorry for the poor gamers who has entrusted Blizzard with their information, I have to be honest: Blizzard deserves every last bit of this. They were the ones boldly proclaiming that Diablo 3 was the next step in hacker-free gaming, arrogantly presuming that their Battle.net system could not be hacked, and using the DRM as a platform to make more money through the Auction House. This is what kills good studios: steps towards money and away from quality.

Turn back now, Blizzard. You're going down a path that leads to EA-ism: a blind focus on corporate interests and money-making over quality assurance and putting care into your products. Once you start down the dark path, forever will it dominate your destiny!

How can they turn back? I'm sure i'm not the only ex-blizzard fan who just hated all the crap with D3 to outright ignore blizzard games now.

Ugh....

I'm getting really sick of these hackers. Someone needs to end these people. :o

I'm just surprised it took this long.

canadamus_prime:

Ranorak:
This is why we can't have nice things.
Blizzard fan or not, I don't see why those selfish hackers have to ruin things so much for others.

What he said.

EDIT: Initial comment retracted. But suffice it to say that I used to have respect for hackers, back when I was under the impression that real hackers never actually took anything. Now I don't know what to think.

Only good people are really good people, every other category of humanity is basically a coin toss.

Did that come out right?

Loop Stricken:

CriticKitten:

Turn back now, Blizzard. You're going down a path that leads to EA-ism: a blind focus on corporate interests and money-making over quality assurance and putting care into your products. Once you start down the dark path, forever will it dominate your destiny!

I can't be certain, but I don't suspect Mike Morhaime or Thrall Chris Metzen to be regular readers of these forums.
Maybe try posting it on Blizzard's own?

Not a chance. Have you seen their boards? :P

You'll never find a more wretched hive of scum and villainy.

Uninteresting company gets not-at-all surprising news.

I've never liked Blizzard, so..............nothing to see here.

Loop Stricken:

Harbinger_:
So we just hear about this now? I mean it's almost the 10th. Thats nearly a week that they decided not to mention anything.

Would you prefer a news conference every time a company notices something erroneous, so we call all flip our collective shits until they realise it really wasn't anything at all?
And then when it IS something, we can all roll our eyes at the announcement and bitch at them for their constant scaremongering!

... I think someone could write a story out of this, but maybe make it a bit more low-tech. Instead of hacked servers, maybe... ooh, maybe a wolf could show up and eat some sheep...

The intrusion of what should be a secure database, that holds personal information, should at least be mentioned to the people using it. No need for a "press conference", but an email informing you that it might be a good idea to update your security information isn't a bad thing.

And while Blizzard may "say" that everything is solid, it doesn't mean it is. You can't honestly expect a company that is already showing signs of weakness would come straight out and say that your battle.net accounts are liable to be hacked, especially if you are using the mobile authenticator (which I'm sure is the more common version of authentication people are using).

This is what you get for trusting an always online DRM service. I for one won't be supporting any company that relies on your games being linked to an account and always being online from now on. You can't protect yourself from hackers, they will get through eventually and when they do all your info is theirs.

Yureina:
Ugh....

I'm getting really sick of these hackers. Someone needs to end these people. :o

My thoughts exactly. I'm just tired of hacking incursion after hacking incursion...

At first I really didn't like that Starcraft 2 forced me to make a Battle.net account even though I never planned to play it online. But those achievements were worth giving my email address to a bunch of hackers. Thanks Blizzard!

I feel bad my North American brothers, and hope that nothing of significant value can be stolen.

Also, this has very little to do with Diablo 3 directly, the issue is with Battle.net as a whole, so if those few folks could come down off their high horses, that'd be lovely.

cursedseishi:

The intrusion of what should be a secure database, that holds personal information, should at least be mentioned to the people using it. No need for a "press conference", but an email informing you that it might be a good idea to update your security information isn't a bad thing..

You mean... what this topic is about?

Now that Blizzard knows it's worth bothering you about, they're sending you an email informing you that it might be a good idea to update your security information.

What aggravates me the most about this is that I had an e-mail account set up that was only tied to my bnet account so as to have a fool proof way of never falling victim to those phishing e-mails. (not that I ever would since they're all laughably fake) Now I have to go through the trouble of setting up a new one in anticipation of the high volumes of spam about to flood my previously pristine inbox.

This was bound to happen eventually though. The odds were just stacked against them that eventually one of the many hackers trying to get in would find a hole just big enough to fuck everyone over. Sad part is they'll never catch who did this and even if they do it will be far too late to prevent them from doing anything with the data.

sir.rutthed:
I notice it says nothing about the keychain authenticators. Can we take that to mean that those of us with them are less at risk then the mobile authenticator users?

I can say with a straight face, yes.

*pats keychain*

Yureina:
Ugh....

I'm getting really sick of these hackers. Someone needs to end these people. :o

I agree, I--- wait, holy crap I haven't see you around in awhile!

Reading the headline combined with the picture immediately resulted in a deep voice in my head saying "Hell, it's about time!" XD
Considering things like 100% security, an impenetrable fortress or an unsinkable ship are impossible, this had to happen eventually. I would like to say that Blizz and their policies kinda earned them that sort of attention for good, but unfortunately more friendly companies can be targets as well and the ones on the short end are the users.

What's actually at stake here?

And because Blizzard is a company with a half decent PR department, this will be promptly buried.

Eh, I don't play Blizzard games. Nothing against them, I guess, but I'm just not a PC gamer.

However, I gotta say I'm glad. Hopefully they'll improve their security.
It might be a bit out of topic but I keep getting these emails from Blizzard saying my account was under investigation or something because of botting or scamming or whatever. I don't have a Blizzard account for the reason listed above! I keep trying to reply to them to tell them to gtfo but when I try to do so, it takes me to the official Blizzard customer support page and asks me to login to contact them.

It kind of defeats the purpose, you guys!

My first thought... 'well some guy just got his WoW character liquidated'.

Blizzard's games have lots of money in virtual assets. It a shame to hear about them being hacked, but not surprising. In the same way I'm not surprised when a bank gets robed, I'm not surprised here.

Of course this happens on the day I renew my WoW subscription for shits and giggles....

Charli:

But yeah, *sigh* get ready for a fresh wave of gold sellers/farmers on your realms. Sorry US.

doesn't bother me :D after i stopped playing D3, its pretty much an abandoned account

but i am getting tired of hearing this kinda stuff, and i hope these, and every other ass hat hacker like these twats get hit by a buss on principle

LetalisK:
And because Blizzard is a company with a half decent PR department, this will be promptly buried.

Yes like how their CEO wrote a huge blog, and posted it to every conceiveable means of online communication Blizzard has. Yep, certainly buried.

 Pages 1 2 3 NEXT

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Register for a free account here