breach prompts Blizzard Security Update

If you play World of Warcraft, Diablo III or StarCraft II, now would be a great time to change your password, as Blizzard announces a security breach hit the company's servers this week. No financial data has been compromised.

World of Warcraft: Cataclysm - Goblins

World of Warcraft

We deeply regret the inconvenience to all of you and understand you may have questions.

We take the security of your personal information very seriously, and we are truly sorry that this has happened.

Blizzard president Mike Morhaime explains in an open letter that the company's security team discovered an "unauthorised and illegal access" into the developer's internal network. Working closely with law enforcement and security experts, the access has now been closed, and people are investigating just what happened - and how it was possible.

At this time, we’ve found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed.

What Blizzard admits has been accessed includes a list of email addresses for users (outside of China). In addition to that, North American servers were also targeted, with information regarding mobile and dial-in authenticators accessed, as well as answers to personal security questions. (The North American servers typically include gamers from North America, Latin America, Australia, New Zealand and Southeast Asia.)

Blizzard reassures gamers that this information alone is not enough for the culprits to gain access to any accounts.

Your actual password has likely not been accessed or affected, with Blizzard keeping those things carefully cryptographically scrambled. However, the scrambled versions were accessed, so you're advised to change your password. Morhaime explains:

We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually. As a precaution, however, we recommend that players on North American servers change their password.

Moreover, if you have used the same or similar passwords for other purposes, you may want to consider changing those passwords as well.

Changing your password is the only action you should take at the moment, everything else is safe. "In the coming days," says Morhaime, the company will contact players on the North American servers, prompting an automated change to secret security questions and answers.

If you use a mobile authenticator, there will be a software update rolled out in the near future also, with Blizzard advising caution.

As a reminder, phishing emails will ask you for password or login information. Blizzard Entertainment emails will never ask for your password.

Why not check out our latest vidcast!
Player Attack TV: September 25 2015, SE3 EP30 or subscribe to our YouTube channel.

  • Twitter
  • Facebook
  • email
  • Delicious
  • Google Bookmarks
  • Myspace
  • Digg
  • Reddit
  • StumbleUpon
  • N4G
  • Follow us on Twitter or like us on Facebook

Get The Latest Episode News
Email Address

One Response to “ breach prompts Blizzard Security Update”

  1. […] 23 This week on Player Attack, gamers are advised to change their passwords after Blizzard admits to a security breach. OUYA gets well and truly funded, fans of DayZ get some very good news, we get our first look at […]

Leave a Comment

Player Attack Fri 9pm, Aurora

Article Details

Author Bio:

I like video games and music and cups of tea and noodles and beagles and colour-cycling LEDs.
Like me on Facebook?

Popular Articles

Act of Aggression REVIEW: Act of Aggression [PC]

By Kingsley Foreman

Subscribe to our Youtube channel and get all the latest TV episodes.