SECURITY ALERT: fansites?

#0 - May 19, 2010, 8:25 p.m.
Blizzard Post
My husband's account just got hacked last night and we just found out the source of the attack was that the Aion web site database was compromised a few months ago.

We never even played Aion, but we did sign up for some beta about 2 years ago.

Even though he did not use the same account name, he did use the same password, and because the email address is known to be the Blizz login they are now systematically checking passwords + email combinations for hits.



#6 - May 19, 2010, 8:38 p.m.
Blizzard Post
Any kind of breach like this can cause security issues for players, and I'm sorry to hear that it occurred at all. This does highlight how crucial it is to maintain good system security though, and how important it is to avoid using one's battle.net email address for any other purpose.

Our information hub contains several threads with very useful account security advice here:

Account Hacked? Security Issue? Look Here!
http://forums.worldofwarcraft.com/thread.html?topicId=24702231244&sid=1

Please take a moment and read our sticky regarding phishing emails as well, since the first post contains useful information on how to identify such malicious missives:

Fake E-mails from "Blizzard Entertainment"
http://forums.worldofwarcraft.com/thread.html?topicId=965511383&sid=1

#24 - May 19, 2010, 9:20 p.m.
Blizzard Post
Quote:
Oh right, he should have used one of his "other" emails, you think we should have special email accounts just because we play your game. You should NEVER have used email address as account name.


I wasn't referring to your husband specifically, actually. I was merely pointing out that a user can help keep their Battle.net email address more secure by refraining from using it elsewhere.

I hope that doesn't seem unreasonable?

Quote:
However because Blizz uses email addresses as login names, all login names are basically public.


I honestly do not wish to argue with you on this point, but I would like to understand. May I ask why you state that these login names are suddenly public?