Blizzard's Battle.net service has been hacked

One of the biggest game companies on the planet, Blizzard, has recently been hacked. The company announced a new security update news on the Battle.net page that talks about what was hacked and how users take precautions against losing their accounts.

In the post, head of Blizzard Mike Morhaime says, “At this time, we’ve found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed.”

Some of the data seems to have been illegally accessed though, including a list of email addresses for global Battle.net users outside China. For players on North American servers, which includes North America, Latin America, Australia, New Zealand and Southeast Asia, the answer to the security question and information relating to Mobile and Dial-In Authenticators have also been accessed. “Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts,” said Morhaime.

Battle.net has been hacked

The hackers have also taken the cryptographically scrambled versions of Battle.net passwords of players on North American servers. These are not actual passwords and can not be used to access accounts. “We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually,” says the post. Players who play on North American servers are recommended to change their password in any case, as a precaution.

Blizzard has set up an FAQ page that details all the steps players should take to ensure security of their Battle.net account. The FAQ also warns players against phishing emails. “Players should also be wary of fraudulent emails (phishing). Unfortunately, because email addresses were exposed, it is entirely possible that this could result in an increased, targeted phishing campaign being sent to our users.”

The security breach could be a big problem for Blizzard this close to the release of the latest expansion for World of Warcraft, titled Mists of Pandaria. The highly anticipated expansion pack is set to release on September 25.

Once the expansion pack is out, players belonging to both the Alliance and the Horde will be able to visit and explore the long-lost continent of Pandaria and see the mysteries the continent hides.

During the announcement of the release date for the expansion pack, Mike Morhaime said, “Mists of Pandaria contains the biggest variety of new content we’ve ever created for a World of Warcraft expansion, with features that will appeal to new players, veterans, and everyone in between. We’ve received a lot of great feedback from players during our most extensive beta test yet, and we hope they enjoy exploring everything Pandaria has to offer when the expansion comes out in September.”