In a blog post today on Blizzard Entertainment’s website, Mike Morhaime, the president of Blizzard Entertainment reported that a list of email addresses for Battle.net users, answers to security questions, and information relating to the Mobile and Dial-in Authenticator program were illegally accessed by outsiders. The security hole has been closed, but Blizzard is officially recommending that all Battle.net users change their passwords immediately.
Apparently no financial information was compromised, such as credit cards, billing info or real names, but the investigation is ongoing.
The data that was illegally accessed includes a list of e-mail addresses of global Battle.net users outside of China, according to the post. Players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed. Blizzard does note this information alone is not enough for anyone to gain access to Battle.net accounts.
Better to be safe than sorry though, so please change your passwords and stay tuned to Blizzard’s Secrurity FAQ in the coming days as the investigation continues.