Battle.net, Blizzard's online service that stores game data, financial, and other personal user information, has been compromised.
Battle.net, Blizzard's online service that stores data, financial, and other personal user information for games like Diablo 3 and World of Warcraft, has been compromised, according to Mike Morhaime, Blizzard's president.
"This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard," Morhaime wrote on the company's website. "We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened."
Morhaime explains that Blizzard has found "no evidence" that personal information such as credit card information, billing addresses, or users' real names were accessed. However, a list of Battle.net email addresses for users outside of China, the answer to a security question, and information regarding mobile and dial-in access were accessed.
Cryptographically scrambled versions of Battle.net passwords for players on North American servers were accessed. Although the passwords were encrypted, Morhaime recommends that players on these servers change their Battle.net passwords as well the same password used on any other service.
In the next few days, Blizzard will prompt North American users to change their security questions and answers, and mobile authenticator users will be prompted to update their software. Blizzard also posted an FAQ to address any remaining questions.