Blizzard Security Breach

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Blizzard says its security team has discovered unauthorized and illegal access to its network and the company is asking everyone on its North American servers to change their passwords. Hit the link for more information on the extent of the breach. Thanks to everyone that sent this one in.

Even when you are in the business of fun, not every week ends up being fun. This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened. At this time, we’ve found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed.
Click to expand...
 
don't worry guys they took out single player so security is 100%
 
Blizzard internal servers haven't publicly been hacked before. Given a stretch of about 8 years, I think they've been doing okay. At least they owned up very quickly here. Besides who is safe anymore?? Please tell me. If a hacker is talented enough, there is hardly any system out there safe enough to stop them.

I don't support Blizzard's values all the way, considering how they borked D3, but a little slack needs to be cut.
 
Authenticators are useless trinkets that do nothing to keep your account secure. All it is is security theatre, as demonstrated here.

If Blizzard et. al are serious about security, they will adopt smartcards as an authentication method.
 
I don't know why people say D3 was bad I had a blast playing it lol. I only played the single player though so I don't know about the rest. Blizzard has always had security problems but 99% of the time it was from phising scams and stupid end users so not realy Bizzards fault. With that said I hate Blizzard these days lol TOO MUCH MONEY SPENT HAHA. (so I guess I actualy hate myself for spending money at Blizzard lol)
 
Methadras said:
How many times has this happened to them so far?
Click to expand...
never, most accounts are compromised though phishing attempts or people use the same email and password on websites that get compromised and then months down the line a bot chugs the email and password into various games/email accounts till it hits something.

damicatz said:
Authenticators are useless trinkets that do nothing to keep your account secure. All it is is security theatre, as demonstrated here.

If Blizzard et. al are serious about security, they will adopt smartcards as an authentication method.
Click to expand...
? do you know what an authenticator does even with someones password you need a 2nd string generated by the linked authenticator. Even if they had your password decrypted they couldn't gain access to the account without the at least the serial number on the authenticator.
 
I could have sworn they told us less than 3 months ago that something like this was "technically impossible". Silly blizz, complete scum these days.
 
Semantics said:
never, most accounts are compromised though phishing attempts or people use the same email and password on websites that get compromised and then months down the line a bot chugs the email and password into various games/email accounts till it hits something.


? do you know what an authenticator does even with someones password you need a 2nd string generated by the linked authenticator. Even if they had your password decrypted they couldn't gain access to the account without the at least the serial number on the authenticator.
Click to expand...

in this case hes right
the hacker(s) got the authenticator seeds which makes them useless
 
i got an email last week telling me that they know i have been selling my account. (no games on it) and that i needed to login and verify my credentials. WTH! anyways the website looked just like blizzards but instead of dot com it was dot TK
 
oh and they got the security question/answers which means they could easily take the thing off the account any way
 
Semantics said:
never, most accounts are compromised though phishing attempts or people use the same email and password on websites that get compromised and then months down the line a bot chugs the email and password into various games/email accounts till it hits something.


? do you know what an authenticator does even with someones password you need a 2nd string generated by the linked authenticator. Even if they had your password decrypted they couldn't gain access to the account without the at least the serial number on the authenticator.
Click to expand...

Unless the attackers gain access to the backend, as they did here, in which case the authenticator is completely useless because they have the code to generate the number to log in.

Smartcards would be much harder to compromise in this manner.
 
Blizzard is pure crap. Only their legion of Blizztards keep them from actually doing anything to protect their customers. They are more than happy to crap on their golden toilet seats that we purcheased for them. I hope those toilet seats have crabs and anal warts.
 
deathhorse said:
i got an email last week telling me that they know i have been selling my account. (no games on it) and that i needed to login and verify my credentials. WTH! anyways the website looked just like blizzards but instead of dot com it was dot TK
Click to expand...

I get emails like that constantly on my junk mail account. If you check the link you see it's like www.blizzard.us.eu.tk.zu.co or some shit, lol.
 
infojunkie said:
http://us.battle.net/d3/en/forum/topic/5150112272#new-post

They knew hackers were bypassing authenticators since May.
I believe they've been covering the hacking fiasco up only to protect their release sales #.
Click to expand...

Ding Ding Ding. This is probably the correct answer that no one will ever admit. Within two weeks of the games release there was a huge amount of accounts compromised, and yet the only crap spewed by Blizztard and their fanboys was herp derp user error!. :rolleyes: They were protecting release sales and the integrity of the auction house.
 
TheMadHatterXxX said:
Ding Ding Ding. This is probably the correct answer that no one will ever admit. Within two weeks of the games release there was a huge amount of accounts compromised, and yet the only crap spewed by Blizztard and their fanboys was herp derp user error!. :rolleyes: They were protecting release sales and the integrity of the auction house.
Click to expand...

Conspiracy theory much?:rolleyes:
 
Tankerton said:
Conspiracy theory much?:rolleyes:
Click to expand...

Where there's smoke there's usually fire. It doesn't take a genius to figure out how this is being spun. Do you think they would really disclose this within the initial high volume of sales period and jeopardize their projected income on the game's release?
 
It's can't just have happened three months later? It has to be the corporations are raping me? The complaints and entitlement make it seem like nobody has had to pay a medical bill or fix there car where it's a kick in the pants just to get back to where you were.
 
Holy crap! This forum thread looks and sounds like Tom's Hardware kiddie forums.

WTH with all the hate? There aren't any conspiracies here. They got hacked. It can happen to ANYONE now-a-days. It's probably some pissed off Diablo fan. :D

Sounds like some people need to take off the tinfoil hats and go outside for a bit.

Calmmmmmm downnnnnn....
 
WasntMe said:
Holy crap! This forum thread looks and sounds like Tom's Hardware kiddie forums.

WTH with all the hate? There aren't any conspiracies here. They got hacked. It can happen to ANYONE now-a-days. It's probably some pissed off Diablo fan. :D

Sounds like some people need to take off the tinfoil hats and go outside for a bit.

Calmmmmmm downnnnnn....
Click to expand...

the issue here is how long did they know and how far back did the hackers get it
its not out of the question that this is the cause of the hacks at launch

but your right yes it happens but the way things have been going with the game it wouldnt surprise me if they knew for a wile and knew when the data was first comprised
 
so much hate lol for a moment i forgot which forums i was on
 
WasntMe said:
Holy crap! This forum thread looks and sounds like Tom's Hardware kiddie forums.

WTH with all the hate? There aren't any conspiracies here. They got hacked. It can happen to ANYONE now-a-days. It's probably some pissed off Diablo fan. :D

Sounds like some people need to take off the tinfoil hats and go outside for a bit.

Calmmmmmm downnnnnn....
Click to expand...

You are very naive. I have a few bridges, a 200 foot statue, and an island called Manhattan that I can sell you for a very low price.
 
I have YET to buy a blizzard game.. :p They're all 'Meh' to me...
 
Hopefully the hackers stole the server portion of D3 to make it a complete game now.
 
TheMadHatterXxX said:
You are very naive. I have a few bridges, a 200 foot statue, and an island called Manhattan that I can sell you for a very low price.
Click to expand...

Yeah, I'm not a conspiracy nut job, sorry. They said it happened on August 5th but you're going to believe whatever you want. You don't like Blizzard, I get it. Don't need to hate on me because I'm not smoking your brand of drug.

It's all good, I'm sure Blizzard will survive without you buying one of their games.
 
Mobile authenticators will be updated soon as a result of this incident. I don't know if they lost our serial code or something worse got compromised. Now even with the authenticator I don't feel safe.

But good thing is my D3 account only have 2 million golds, which is a penny these days compared to what others have :p
 
infojunkie said:
http://us.battle.net/d3/en/forum/topic/5150112272#new-post

They knew hackers were bypassing authenticators since May.
I believe they've been covering the hacking fiasco up only to protect their release sales #.
Click to expand...

This is entirely a seperate issue and has been going on a lot longer then may and has been mentioned many times on blizzard forums. In this case your still being hacked by the traditional means of malware on your PC but they are getting your password and authenticator number pinged to them and using it within the 1 to 2 minute window given by the authenticator that was just used, before it generates a new number.

They have said they found out about this hack which is the first time to their own servers on august 5th.

As for this being the last straw, I think everyone needs to remember they're just the latest name in a list of major companies getting hacked. Sony, EA, Square-enix, Steam, and now Blizzard have all been hacked with account if taken and probably a few more I am forgetting.:(
 
WasntMe said:
Yeah, I'm not a conspiracy nut job, sorry. They said it happened on August 5th but you're going to believe whatever you want. You don't like Blizzard, I get it. Don't need to hate on me because I'm not smoking your brand of drug.

It's all good, I'm sure Blizzard will survive without you buying one of their games.
Click to expand...

Yes, because companies and people always tell the truth and are fully knowledgeable of their issues. They---oh god, I can't keep a straight face. ROFL LOL LMAO about a million times.... I really hope you aren't as naive as your posts are making you out to be.
 
We need lawyers for this, HURRY !!! There's a 40 year old virgin living in mom and dad's basement that won't sleep this weekend because of a possible breach in blizzard's security. Must take them to court for a gazillion dollars...
 
JFL1969 said:
We need lawyers for this, HURRY !!! There's a 40 year old virgin living in mom and dad's basement that won't sleep this weekend because of a possible breach in blizzard's security. Must take them to court for a gazillion dollars...
Click to expand...

He wasn't gonna sleep anyway, he's probably in the MoP beta...:D
 
My 2 cents:

-I dislike D3, it's trash, complete money grab. The upcoming patch (which is ridiculously overdue) is the make/break for it.
-At release there were a massive number of users getting "hacked". Blizz denied all wrong doing and went as far as to say that it was "technically impossible" for several of the very valid theories (such as session spoofing) to happen
-There was a very cryptic patch note about the login screen and a timeout which coincided with "hacked" reports completely disappearing. Gone. Completely. Stopped happening. Went from at least 3 new posts a day from various players to none. That's kind of peculiar to me.

-Blizz stated they discovered the hack on Aug 5th. They have not yet determined when it happened.
-They have also not yet determined if any other data has been compromised; such as CC info, full addresses, etc etc.

-People, and corporations lie. If you do not believe this, if you do not take this into a least SOME consideration, you will find yourself screwed over royally at some point in your life.

-I just want to pay for a product ONCE and get what was described to me. Not half of it, not a twisted version of it, not a hollow shell.

Apparently I'm a self entitled, whiney, tin-foil hat wearing asshole for wanting that and feeling this way.

/shrug
 
GoldenTiger said:
Yes, because companies and people always tell the truth and are fully knowledgeable of their issues. They---oh god, I can't keep a straight face. ROFL LOL LMAO about a million times.... I really hope you aren't as naive as your posts are making you out to be.
Click to expand...

Whatever makes you feel better about trashing a company.

Everyone is lying all the time. :rolleyes:
 
lilbabycat said:
My 2 cents:

-I dislike D3, it's trash, complete money grab. The upcoming patch (which is ridiculously overdue) is the make/break for it.
-At release there were a massive number of users getting "hacked". Blizz denied all wrong doing and went as far as to say that it was "technically impossible" for several of the very valid theories (such as session spoofing) to happen
-There was a very cryptic patch note about the login screen and a timeout which coincided with "hacked" reports completely disappearing. Gone. Completely. Stopped happening. Went from at least 3 new posts a day from various players to none. That's kind of peculiar to me.

-Blizz stated they discovered the hack on Aug 5th. They have not yet determined when it happened.
-They have also not yet determined if any other data has been compromised; such as CC info, full addresses, etc etc.

-People, and corporations lie. If you do not believe this, if you do not take this into a least SOME consideration, you will find yourself screwed over royally at some point in your life.

-I just want to pay for a product ONCE and get what was described to me. Not half of it, not a twisted version of it, not a hollow shell.

Apparently I'm a self entitled, whiney, tin-foil hat wearing asshole for wanting that and feeling this way.

/shrug
Click to expand...

I didn't play D3 and never followed any of the issues it had/has. If I did, maybe I'd be more concerned, but after about 10 years of playing Blizzard games, I haven't had a single issue which is more than I can say for other companies I deal with.

I have trust in most people and things until their honesty is disproven. It's gotten really far in life.... really far. I can't complain :)
 
WasntMe said:
I didn't play D3 and never followed any of the issues it had/has. If I did, maybe I'd be more concerned, but after about 10 years of playing Blizzard games, I haven't had a single issue which is more than I can say for other companies I deal with.

I have trust in most people and things until their honesty is disproven. It's gotten really far in life.... really far. I can't complain :)
Click to expand...

You're the typical Blizzard fan: If it didn't happen to you, you're mentality is to just bury your head in the sand and deny deny deny.
 
You must log in or register to reply here.
Back
Top