Something I learned during my college days is that no matter how secure you think something is, somebody can break into it. This little fact has been proven again and again over the years, as hackers manage to crack different DRM’s and gain access to users passwords and credit card information. Now it appears that Blizzard is the latest company to have been breached, but it’d be foolish to say that they’ll be the last.
Last night Blizzard released a statement revealing that the company’s internal network was compromised. While no financial information seems to have been compromised, it was announced that the attackers managed to access email addresses and personal security questions (and their answers) for most of the servers. Information relating to authenticators was also accessed, though according to Blizzard this information on its own wouldn’t be enough to actually allow access to anybody’s account.
However, that’s not all that was taken. It appears that cryptographically scrambled versions of Battle.net passwords for the North American servers were also taken. Blizzard states that they use the Secure Remote Password protocol to protect the passwords, which would mean that each password would have to be deciphered individually. But, with that being said, Blizzard is recommending that all North American Battle.net users change their passwords as soon as possible, and they will be prompting those players to also go ahead and change their secret questions and answers. It’s never a good thing when a company’s information is stolen like this, but give props to Blizzard for being proactive in letting the users know what exactly is going on. If you need to change your password, you can do it here.