Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Hacking via authenticator or battle.net

Forum Avatar
Velera
#0 - May 6, 2010, 11:18 p.m.
Blizzard Post
I want to clarify something...I have heard of several people getting "hacked" by an authenticator being added to their account, and a friend of mine was "hacked" last year while his account was *entirely inactive* by having someone "attach" a battle.net account to his inactive account. What identification measures are in place to prevent someone from just claiming they are an account owner with a little bit of info like Email/login and hijacking an account via these 3rd party measures?

I would also like to ask about why the forum logins are the same as the account logins. Doesn't this cause people who post on the forums from public places or from work more likely to get hacked?
Forum Avatar
Aredek
#33 - May 8, 2010, 3:47 p.m.
Blizzard Post
Just to restate a few key points that have already been brought up by various posters in this thread:

  • "Hacked by an Authenticator" is a misnomer. For an Authenticator to be added to an account, the account information must have already been compromised. The only role the Authenticator plays in the process is restricting future logins for someone who does not possess the Authenticator. Our Account Technical Services Department would be happy to help a player recover an account if a malicious Authenticator has been added.
  • For an account to be merged with a Battle.net account, the World of Warcraft account information must already be known. Once again, our Account Technical Services department would be happy to help if unmerge an account if it was done by an unauthorized party.
  • Computer and e-mail security is paramount to maintaining a secure account. Claims that Blizzard has been compromised or is responsible for selling account information are wholly incorrect and is an irresponsible statement as it fools one into overlooking a security lapses which are present.

If you have any suggestions regarding forum logins or other security related issues, we would absolutely love to hear your thoughts. To ensure these suggestions are visible to the appropriate parties, however, please be sure to post them on our Suggestions Forum.