Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

My GF got hacked, hack put on authenticator

Forum Avatar
Kiyolano
#0 - March 4, 2010, 8:44 p.m.
Blizzard Post
She has no way of getting her account back right now and I am forced to sit and watch as that son of a <gun>sells all her stuff.

Customer service hotline is uselss.

GOOD JOB BLIZZARD!!!!

YOUR AUTHENTICATOR BACKFIRED!
Forum Avatar
Orlyia
#3 - March 4, 2010, 8:51 p.m.
Blizzard Post
Q u o t e:
She has no way of getting her account back right now and I am forced to sit and watch as that son of a <gun>sells all her stuff.

Customer service hotline is uselss.

GOOD JOB BLIZZARD!!!!

YOUR AUTHENTICATOR BACKFIRED!


No, actually the authenticator is doing exactly what it is designed to do. Keep anyone without it - out of the account. Now, granted - ideally that should be the PLAYER, but had there been one on this account they couldn't have gotten in....or added their own in the first place.

She will want to start with Billing to get back into control of the account.

In the meantime, I strongly urge security sweeps to determine the source of the security breach. Trust me, the only thing worse than this happening, is it happening AGAIN. It indeed will if there is any way left for them to get back in.

To add an authenticator, they had her pass/ID. She was already compromised although she may not have realized it yet.

I'm posting information below most compromised players are going to need. I do wish you both the very best.

-------------------

If an account has been merged to a Battle.net, or if an email has been changed, or an authenticator added to the account (not the player's own) one of your first stops is going to be Billing. They need to get those sorted out first so the rest of the processes can continue.

Billing and Account Services
Phone Support - 1 (800) 59-BLIZZ (1 (800) 592 5499)
Live Representatives Available 7 days a week, 8am to 8pm Pacific Time
E-mail Support - Billing@Blizzard.com
    Players in Australia should call 1-800-041-378
    Players in Singapore should call 800-2549-9273
    Players in Chile should call 1230-020-5554
    Players in Mexico should call 001-888-578-7628
    Players in Argentina should call 0800-333-0778
    All other international players should call: (949) 955-0283


Now, it's very very important to figure out where the security breach occurred. If they CAN get back in, they WILL be back. That, unfortunately, you can count on.

These two stickies should prove helpful.

Computer Security Recommendations
http://forums.worldofwarcraft.com/thread.html?topicId=1778038509&sid=1

Account Compromise Info Center
http://forums.worldofwarcraft.com/thread.html?topicId=14318909866&sid=1

You may also want to look into getting an authenticator for your account. It's no substitute for good security habits, but it will help keep them out of your WoW account.

Blizzard Store
http://us.blizzard.com/store/

Mobile Authenticator
http://us.blizzard.com/support/article.xml?locale=en_US&articleId=26109

Forum Avatar
Orlyia
#9 - March 4, 2010, 9:53 a.m.
Blizzard Post
They can NOT add one without more information than anyone else should ever have.

At that point an account is ALREADY compromised - whether or not they ever log into it.

This is really just a new twist on an old issue - which also locked a player out and required we be contacted. In many ways - this method is actually a bit easier to reverse.
Forum Avatar
Orlyia
#12 - March 4, 2010, 9:56 a.m.
Blizzard Post
Q u o t e:


What information is required to get one?


To add an authenticator one must already have the password and account ID.
Forum Avatar
Orlyia
#20 - March 4, 2010, 10:16 a.m.
Blizzard Post
Q u o t e:
well the same thing happened to me and i got them to take it off and now. there telling me im to late and i wont get my stuff back


Hypnotic - please, you have your own thread I am responding to - and this isn't necessarily the end of your story.

A Game Master should be speaking with you soon.
Forum Avatar
Orlyia
#37 - March 4, 2010, 10:32 a.m.
Blizzard Post
Q u o t e:


I dunno, I just feel there should be a way of protecting those who DON'T want an authenticator so this kinda thing can't happen to them.


You are still mistaking an authenticator being added as the issue, Kiy - it's not.

That is a side-effect of a compromise that ALREADY happened.

Keeping account information secure is 100% fool-proof against anyone ever getting into an account providing it's not stunningly simple to guess. Hint - PASSWORD makes an incredibly poor one :)

Trafficking in illicit virtual goods is a multi-billion (and yes, that is a B) year business. They will do anything, say anything, try anything to snatch any account they can to pilfer and/or use for various nefarious purposes.

There are LOTS of ways they can come by this information. Malware and social engineering being two major ones.

Fake emails, tells, websites, sponsored google links to fake sites are just the tip of the iceberg.