Earlier today, Blizzard announced that some private Battle.net account information was taken in a recent security breach in its internal network.
First, the (relatively) good news: Blizzard president Mike Morhaime, in a statement released earlier today, said that at this time it doesn’t appear that the hackers obtained any financial data, so your credit card information should be safe.
Morhaime went on to say that the hackers were able to obtain the email address associated with Battle.net accounts outside of China. For North America users, however, the security breach hits you a bit harder.
“For players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed,” Morhaime said in the statement.
“Cryptographically” scrambled passwords for North American accounts were also obtained, but Morhaime notes that it’s unlikely that hackers were able to decipher the passwords.
“We also know that cryptographically scrambled versions of Battle.net passwords (not actual passwords) for players on North American servers were taken. We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually.”
Regardless, Blizzard says that players should update their password, regardless of their country, as a precaution. Blizzard also believes that the other information obtained in the breach, to the best of their knowledge, would not be enough to gain access to Battle.net accounts.
Still, you should probably keep an eye out for suspicious activity on your Battle.net account.