Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Account Compromise

Forum Avatar
Asaayo
#0 - Oct. 25, 2010, 11:26 p.m.
Blizzard Post
Last night, I received an email from Blizzard that the email address connected to my battle.net account had been changed, and since I had not initiated this change, I immediately followed the links to attempt to get my account restored. At the end of the process, it said I was supposed to receive an email which would contain a link to reset my password. This was at 10 p.m. last night EST, and I still have not received the aforementioned email. I checked the progress of the account restoration earlier, and it told me I was supposed to also have received an email about the status of character and item restoration. Again, this email has not arrived either.
Last night, at approximately 1 a.m. EST I sent an email to customer support asking for information about the fact that I have received none of this information, and again, no response.

For anyone wondering, it is this account that is compromised, and I seem to only be posting because of the wonders of cookies.
Any questions, fire away.
Forum Avatar
Orlyia
#9 - Oct. 26, 2010, 9:28 a.m.
Blizzard Post
This account is locked pending verification from you that your system and email are secure.

Looks like they changed your email on 10/25/2010 - that was very soon after you removed your authenticator on 10/23/2010.

I strongly suspect your original email is likely compromised. You need to be absolutely certain of your security before you proceed with getting all this unlocked. Restoration work has already been completed.

The email you would have received had security tips, and also the following instructions to get this unlocked.

Q u o t e:
To submit account recovery documentation, please print and fill out the Account Recovery Form (http://us.blizzard.com/support/article/bnettouform), follow the instructions in the form, and then email, fax, or mail the form and required identification as directed.


I'm asking that the email on this account be reverted, but I'd strongly recommend thinking about setting up another totally unrelated email for use with this account.

You may also want to look into getting an authenticator for your account. It's no substitute for good security habits, but it will help keep them out of your WoW account.

Blizzard Store
http://us.blizzard.com/store/browse.xml?f=c:6

Mobile Authenticator
http://us.blizzard.com/support/article.xml?locale=en_US&articleId=26109
Forum Avatar
Orlyia
#11 - Oct. 26, 2010, 10:10 a.m.
Blizzard Post
Q u o t e:
Edit2: Would it be possible to get some clarification as to why I never got the password reset and character restoration process emails sent to me that were supposed to be? Is it because you believed my email account was compromised as well?


That was because they changed your email to one they had control over.
Forum Avatar
Orlyia
#13 - Oct. 26, 2010, 10:31 a.m.
Blizzard Post
Q u o t e:
I mean this in the most constructive way possible, but why does the account recovery tool exist if it does nothing? Do hackers just usually not change the email address associated with a battle.net account?

The account recovery tool asked for the email address that I used for the battle.net account, and yet did nothing with that information?

I'm not trying to be confrontational in any way, just understand the system. I'd like to provide some feedback to make it harder for situations like this to occur, as well, if that is at all possible.


To have changed that email, they had far more information than they ever should have been able to get their hands on. That....or they have access to the original email itself.

Were you phished?