I'm putting off an update to make sure you're aware of this. In case you don't already have a physical authenticator, I urge you to get one. Especially if you don't want to be running Black Temple while you sleep.
More information can be found here. In a nutshell: someone broke into their database. While most sensitive information is apparently safe, due to encryption, you should really get a physical authenticator -- not just a mobile one.
Per Blizzard:
Some data was illegally accessed, including a list of email addresses
for global Battle.net users, outside of China. For players on North
American servers (which generally includes players from North America,
Latin America, Australia, New Zealand, and Southeast Asia) the answer to
the personal security question, and information relating to Mobile and
Dial-In Authenticators were also accessed. Based on what we currently
know, this information alone is NOT enough for anyone to gain access to
Battle.net accounts.
We also know that cryptographically scrambled versions of Battle.net
passwords (not actual passwords) for players on North American servers
were taken. We use Secure Remote Password protocol (SRP) to protect
these passwords, which is designed to make it extremely difficult to
extract the actual password, and also means that each password would
have to be deciphered individually. As a precaution, however, we
recommend that players on North American servers change their password.
Please click this link to change your password.
Moreover, if you have used the same or similar passwords for other
purposes, you may want to consider changing those passwords as well.
No comments:
Post a Comment