Do the milkshake the milkshake do the shake

Battle.net breach prompts Blizzard Security Update

If you play World of Warcraft, Diablo III or StarCraft II, now would be a great time to change your Battle.net password, as Blizzard announces a security breach hit the company's servers this week. No financial data has been compromised.

World of Warcraft: Cataclysm - Goblins

World of Warcraft

We deeply regret the inconvenience to all of you and understand you may have questions.

We take the security of your personal information very seriously, and we are truly sorry that this has happened.

Blizzard president Mike Morhaime explains in an open letter that the company's security team discovered an "unauthorised and illegal access" into the developer's internal network. Working closely with law enforcement and security experts, the access has now been closed, and people are investigating just what happened - and how it was possible.

At this time, we’ve found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed.

What Blizzard admits has been accessed includes a list of email addresses for Battle.net users (outside of China). In addition to that, North American servers were also targeted, with information regarding mobile and dial-in authenticators accessed, as well as answers to personal security questions. (The North American Battle.net servers typically include gamers from North America, Latin America, Australia, New Zealand and Southeast Asia.)

Blizzard reassures gamers that this information alone is not enough for the culprits to gain access to any Battle.net accounts.

Your actual password has likely not been accessed or affected, with Blizzard keeping those things carefully cryptographically scrambled. However, the scrambled versions were accessed, so you're advised to change your password. Morhaime explains:

We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually. As a precaution, however, we recommend that players on North American servers change their password.

Moreover, if you have used the same or similar passwords for other purposes, you may want to consider changing those passwords as well.

Changing your password is the only action you should take at the moment, everything else is safe. "In the coming days," says Morhaime, the company will contact players on the North American Battle.net servers, prompting an automated change to secret security questions and answers.

If you use a mobile authenticator, there will be a software update rolled out in the near future also, with Blizzard advising caution.

As a reminder, phishing emails will ask you for password or login information. Blizzard Entertainment emails will never ask for your password.

Why not check out our latest vidcast!
Player Attack TV: August 22 2014, SE2 EP28 or subscribe to our YouTube channel.


  • Twitter
  • Facebook
  • email
  • Delicious
  • Google Bookmarks
  • Myspace
  • Digg
  • Reddit
  • StumbleUpon
  • N4G


  • Follow us on Twitter or like us on Facebook


Get The Latest Episode News
Email Address


One Response to “Battle.net breach prompts Blizzard Security Update”

  1. [...] 23 This week on Player Attack, gamers are advised to change their Battle.net passwords after Blizzard admits to a security breach. OUYA gets well and truly funded, fans of DayZ get some very good news, we get our first look at [...]

Leave a Comment

Article Details

Author Bio:

I like video games and music and cups of tea and noodles and beagles and colour-cycling LEDs.
Like me on Facebook?

Popular Articles

Subscribe to our Youtube channel and get all the latest TV episodes.