Millions of gaming account details are stolen in massive Blizzard hack

 

Rob Williams
Friday 10 August 2012 08:26 EDT
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The account details of millions of online gamers have been stolen in a hack attack on games company Blizzard.

The company, which makes the World Of Warcraft, StarCraft and Diablo franchises posted a message on its website today advising players using North American servers to change their passwords for the account management service.

The compromised data relates to Battle.net accounts which are used for all of Blizzard's games.

In a posting today the company said: “This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened.”

The post goes on to explain that the data that was illegally accessed included a list of email addresses for global Battle.net users outside of China.

Players on North America servers (which includes users in North America, Latin America, Australia, New Zealand and Southeast Asia), had their security question details hacked as well as information relating to Mobile and Dial-In authentication.

Cryptographically scrambled Battle.net passwords were also taken.

The company has advised that gamers that play online via North American servers should change their passwords as a precaution.

The company has stressed it would be extremely difficult to access actual passwords using the scrambled data stolen.

They also stressed that no financial data had been accessed, such as credit cards or billing addresses.

Blizzard said that users should be aware of any potential phishing scams that may follow as a consequence of email details being out in the open.

Blizzard Entertainment boss Mike Morhaime said the hack had been discovered on August 4th, and that the company were: “truly sorry that this has happened”.

The company said it had spent the time since August 4th fixing the vulnerability in their systems and finding out what information had been compromised.

Following the hack the company is likely to face criticism over its decision to make games that require a login via Battle.net and cannot be played offline.

Despite the loss of passwords and email data Blizzard's use of a Secure Remote Password protocol is likely to have minimised the consequences for users as the system makes it near impossible to brute-force a password, a method hackers use in which a computer attempts every possible key or password until it succeeds.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in