Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

I got hacked....it happens to the best of us

Forum Avatar
Jayburner
#0 - May 5, 2010, 6:57 p.m.
Blizzard Post
Went to log in today and the login screen said "input your digital code"

except I don't have an authenticator.

I only go to 1 website on this computer for the last 5 years.

Ran adaware/malware/avg/avast and could find no keyloggers or viruses.

I don't use email so I wasn't phished. I don't reply to those fake whispers when i'm logged in telling me to go claim my new pet at www.soandsoblahblah.com

I don't click on screenshots or click on ads selling gold ...basically all I do is read this forum and play the game.

I did get hacked back when BWL was new and I learned my lesson from that.

So what gives? How did someone get into my account and add an aunthenticator?

I don't even click on ads on wow forums.
Forum Avatar
Malkorix
#72 - May 5, 2010, 9:36 p.m.
Blizzard Post
There's a lot of hostility in this thread, which I'd like to see tone down. When you feel like you've taken the right steps to secure your system, it can be confusing and upsetting when you find your account compromised. It's natural to look for explanations - even in unlikely places.

I would like to simply state that, to date, Blizzard Entertainment has not been compromised. With that in mind, to prevent future compromises, it's essential to recognize that the breach in security occurred somewhere within your domain.

Q u o t e:
you didnt get hacked because you dont have one... because people get hacked with them all the time


I want to make something clear: The statement that 'people get hacked with Authenticators all the time' is simply incorrect, bordering on outright falsehood. While no security measure is 100% successful, layering security has substantial advantages and attaching an Authenticator remains one of the very best steps you can take to secure your World of Warcraft account. It remains true that acquiring an Authenticator alone may not be enough, and doing so does not replace safe browsing habits and good system security.

Q u o t e:
hxxp:// is standard protocol for reporting mal sites. I'm one step ahead of you = )


Thank you for editing the site sufficiently to protect other players. It's always best not to post a potentially malicious site in a recognizable fashion - doing so is a violation of the forum code of conduct and puts the curious or incautious at unnecessary risk.
Forum Avatar
Malkorix
#74 - May 5, 2010, 10:33 p.m.
Blizzard Post
Q u o t e:
Since I got you here Mr. Blue....any chance you could take that aunthenticator off my account? Its impossible to get thru to blizzard on the phone.


Unfortunately, I'm personally unable to do so, no =(. You can request that an unauthorized Authenticator be removed via email at [email protected] or via telephone. I know that the telephone queues are impacted, and I am sorry if that's inconvenient at all, but it remains amongst the fastest methods to clear up a situation like this. Email is a good way to go if you are willing to wait.

Q u o t e:
Its wierd though--I can still log into these forums and my armory shows me with all my gear on. I only played this warrior since vanilla release.

Has it gotten to the point where the hackers have so many stolen accounts that they haven't gotten around to stripping my guy naked yet?


That's unlikely. The armory can update slowly, so that may explain why you haven't seen the 'damage' quite yet. Not to worry though - while no restoration is guaranteed, our staff will do their best to help you make as full a recovery as possible, and get you back on your feet and playing as soon as they can. The links we've posted in our brand new security and compromise thread:

Account Hacked? Security Issue? Look Here!
http://forums.worldofwarcraft.com/thread.html?topicId=24702231244&sid=1
Forum Avatar
Malkorix
#78 - May 5, 2010, 11:51 p.m.
Blizzard Post
Q u o t e:

there must be a hole in battlenet... they might not get as far as to getting the CC numbers but they seem to be getting the login info


No, there is no security issue with our systems or Battle.net itself. Please consider reading the information I posted a bit earlier in this thread (http://forums.worldofwarcraft.com/thread.html?topicId=24702201118&pageNo=4&sid=1#72). If one is to appropriately protect their account and prevent future compromise, it's important to recognize this and that the breach rests somewhere within the player's domain. In an effort to help, we've consolidated our security information into a thread here:

Account Hacked? Security Issue? Look Here!
http://forums.worldofwarcraft.com/thread.html?topicId=24702231244&sid=1