Gaming company Blizzard warned Warcraft, Starcraft and Diablo players on Thursday that its Battle.net online gaming network security had been compromised. The company said it thinks subscriber credit card records are safe, but is warning users to change their gaming account password as a security precaution.
Encrypted Blizzard passwords stolen
Blizzard’s Mike Morhaime said,
Some data was illegally accessed, including a list of email addresses for global Battle.net users, outside of China. For players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed. Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts.
He added that encrypted versions of Battle.net passwords were taken from Blizzard’s North American servers. Those passwords are protected using the Secure Remote Password protocol, which, Mr. Morhaime said, “is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually.”
Even though it’s unlikely that hackers will crack the stolen passwords, Blizzard is urging subscribers to change theirs as a precautionary measure.
Gamers looking to add even more security to their account can use Blizzard’s Battle.net Mobile Authenticator app for the iPhone, too. The app generates a new six-digit code ever time a user logs into their Battle.net account. The app is free and is available at Apple’s iTunes-based App Store.
Blizzard said it has already taken steps to block similar security breaches in the future and is investigating the incident with police and security experts.