Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Account Hack in Progress - What Can We Do?

Forum Avatar
Wilykat
#0 - May 21, 2009, 10:32 a.m.
Blizzard Post
My friend's account is currently being hacked. At approx 4:15am EST (3:15 Sever) I noticed his account was on when it shouldn't have been. I sent a tell and got no response. Five minutes later I called him and woke him to confirm it wasn't him.

I immediately put in a GM ticket and my friend tried to recover his password. After attempting to thwart the hack attempt by changing his email and password, he was informed there were too many password changes and he'd have to call Blizzard customer service. Obviously, the office is closed.

So, for over an hour I've been on the phone with my friend, watching the thief log in and out of his account characters. Stood right next to his characters in Dalaran watching them go from bank to vendor. While my friend is locked out of his account due to multiple password changes, the thief is not. How is it that the web-based system locks out the legitimate person trying to rein security in, but that doesn't initiate a freeze on log-ins?

Moreover, while trying to use his secret question to grab things back, he's gotten notice that his account had been merged to a battle.net account, so now he doesn't even know what the username for his account is.

This is so ridiculously frustrating. We caught the security breach five minutes in and there is zero recourse available to us to freeze or secure what's going on. The GM ticket I submitted has not been addressed in over an hour, not that that's a surprise.

Obviously, tomorrow he'll have to call in and begin the weeks-long process of getting his account straightened out.

He doesn't buy gold. He haven't given his account information out to anyone. He doesn't use any unusual plug-ins. A scan of his computer doesn't show anything unusual virus-wise.

Given that most of the accounts that get hacked surely happen after hours when hackers can expect people to be in bed, what exactly is the recourse available to account holders like us in situations like these?
Forum Avatar
Orlyia
#5 - May 21, 2009, 11:09 a.m.
Blizzard Post
I know this is frustrating, and it may take a little while for us to help him get things put back together, but it's not a weeks long process. Days long, perhaps.

Billing is going to be his first stop. Both because this was merged, and they'll also need to tend to the email address if that was changed.

Point him towards these two stickies if you would.

Billing and Account Services
Phone Support - 1 (800) 59-BLIZZ (1 (800) 592 5499)
Live Representatives Available Mon-Fri, 8am to 8pm Pacific Time
E-mail Support - Billing@Blizzard.com
    Players in Australia should call 1-800-041-378
    Players in Singapore should call 800-2549-9273
    Players in Chile should call 1230-020-5554
    Players in Mexico should call 001-888-578-7628
    Players in Argentina should call 0800-333-0778
    All other international players should call: (949) 955-0283


Now, security. Somehow - someone got ahold of his information. While this is most commonly caused by malware that is missed by scanners, there are many other ways it can happen.

I'd still recommend he do more scans on his system. Not every scanner is going to catch every infection. In the case of the variety commonly known as 'keyloggers' - a 'virus' scanner can often miss those.

I'd also recommend he change his email password once he is certain his system is secure.

Last but not least, please reassure him that there is very little that can be done to an account that cannot be undone - if reported promptly.

I do wish you all the best of luck.