If you play World Of Warcraft, Starcraft 2, or Diablo 3, you may want to read this: Mike Horhaime of Blizzard Entertainment posted a press release in regards to a breach of data on their internal network. The leaked information includes email addresses of players outside of China as well as “cryptographically scrambled versions of Battle.net passwords” in addition to personal security questions and Mobile/Dial-in authenticators on North American servers (including players who log in from outside North America).
According to Horhaime, there is no evidence that credit cards, billing addresses, or real names were compromised. In Blizzard’s view, or the one it’s presenting, the biggest issue with this breach will be a wave of spam and phising emails for their customers. The press release says “Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts.”
But there is a bigger danger here than an online game account. If someone has your email address and generic security questions, how hard would it be to access your other online accounts? With the way email addresses and security questions are often used for authentication, there is potential to do a lot of financial harm to Blizzard’s customers. We’ve already seen how a few incidental pieces of personal information have been enough to cause individuals serious harm.
We recommend that if you use Blizzard’s services that you should update your security questions for your other online accounts too. And yeah, check the actual links in your emails before you click on them.
Share your thoughts in the comments section below.