Blizzard is one of the biggest names in gaming, thanks to the Warcraft, Diablo and Starcraft franchises. This also makes it one of the biggest targets for cybercriminals and other hackers. It has been plagued for years by attempts to compromise individual World of Warcraft accounts, but now it has been the target of a much larger attack.
It has just notified users that it has suffered an intrusion into its Battle.net service, and that the email addresses for every account outside China have been stolen (due to government regulations Blizzard operates its games there through a third party, Chinese owned, publisher). Even worse than that, accounts in the North America region (which includes Australia and New Zealand) have had additional information accessed.
This includes ‘cryptographically scrambled’ passwords, the answer to personal security questions and information about the mobile and dial in versions of its Authenticators. Blizzard believes it won’t be enough information to access people’s accounts, but the exposure of secret questions tied to email addresses alone means that anyone with a Battle.Net account will probably want to change their passwords and other information on any site that uses similar information.
Blizzard has notified law enforcement and says it has closed the loophole. It is also adamant that no credit card information has been stolen. For more information check out Blizzard’s official statement.