Trending Games | Final Fantasy XIV: A Realm Reborn | Elder Scrolls Online | Guild Wars 2 | Firefall
Network: Mist League FPSguru RTSguru
| 67 posts found | |
|---|---|
|
8/09/12 8:16:17 PM#21
so theoretically, people could lose their WoW, SC2 and Diablo 3 accounts all in one fell swoop. Rather than say anything that could be perceived as unkind, I'll just say that at this point in time it appears it could be most unfortunate to be a patron of blizzard.
All of my posts are either intelligent, thought provoking, funny, satirical, sarcastic or intentionally disrespectful. Take your pick. |
|
|
8/09/12 8:45:39 PM#22
Originally posted by Gravarg This probably happened months ago. Oh I dunno, maybe sometime around May 15th. |
|
|
8/09/12 8:48:11 PM#23
(shrug) If you have a physical authenticator you're still safe :-)
I want a physical authenticator for EVERY game I play now if it's an option. |
|
|
8/09/12 8:50:22 PM#24
Changed my password. even though I have a real authenticator... that was an easy fix. Might have some problems with people that don't pay attention to gaming news and people that don't play anymore though. |
|
|
8/09/12 8:51:13 PM#25
Originally posted by reignjuste
Siding with hackers isn't a good thing. You could be their next target. |
|
|
8/09/12 9:53:56 PM#26
Originally posted by kadepsyson Still don't know how secondary authentication works do you? "Any sufficiently advanced incompetence is indistinguishable from malice." ~Greys Law |
|
|
8/09/12 10:07:43 PM#27
Originally posted by endgame1 Geez what a crappy response. Just tell everyone to change their passwords, rather than monitor their accounts .... or do a global auto reset.
WTF does monitoring an account do .. oh not hacked yet .. oh wait today I'm hacked .. lol?
edit: Blizzard is using it's customers as guinea pigs to see how far the damage actualy went, so they can spin a smaller amount of affected customers. My initial reaction still stands - tell everyone to reset their password and suck it up. Treat customers better? Want a nice understanding of life? Try Spirit Science: "The Human History" |
|
|
8/09/12 10:12:18 PM#28
The autenticator itself is pretty solid, the only way around this is to either steal the key from the authenticator (requires physical access) or to do a Man-In-The-Middle attack, where your computer acts as a proxy to some other host.
Either way, it eliminates lazy crooks from obtaining your info, which composes most of thefts.
Want a nice understanding of life? Try Spirit Science: "The Human History" |
|
|
Reizla
 Hard Core Member
Joined: 12/09/08
MMORPGs are no longer about the mass multi-user anymore *sadly* |
8/09/12 11:53:32 PM#29
Originally posted by expresso I'm happy that Blizzard is this quick with reporting the hack. But like all responsible companies do..? Most companies still won't report a hack to their customers, just look at $O€ last year. They waited over a month and only came out because Anonymous told the press... Demigoth's RPG adventures ~ My blog ASUS M4N72-E |
|
8/10/12 1:25:20 AM#30
The passwords taken were encrypted, no big deal but you should change it either way, plus if you an authenticator even if the password were plain text they could still not get into then account.
|
|
|
8/10/12 1:49:42 AM#31
Incoming shitstorm, everyone get out of the internet NOW!
|
|
|
8/10/12 3:47:15 AM#32
Originally posted by expresso This, if you use the physical authenticator, they still cannot get into your account, even if they somehow manage to decrypt your password. |
|
|
8/10/12 5:09:58 AM#33
what more bad can happen than this? someone took my six toons in my absnce and this the message that they gave me : Hello,
Not a single World of Warcraft account compromise in the entire history of the game has been due to a result of a breach of security on our servers. In the event such a breach happened there is far more valuable, sensitive or disruptive data that could, and given the nature of breaches at other high profile companies recently; would be targetted. Account security is something of paramount concern to us. Likewise actual malicious third parties steal accounts to strip them of gold which can easilly be traded onward. They do not steal accounts to continue playing them normally and wherever possible they make stringent efforts to avoid paying for anything - as this would incur rather serious legal ramifications for them otherwise. So all in all considering all of these transfers were paid for using the same card that paid for *all* of the subscriptions on the account and furthermore said transfers were requested from the same geo-location that is regularly used on the account and said individual even contacted us verified all the security information. Unfortunately this leaves us two possible conclusions: - You were sharing your account with someone else - Someone you knew did this Or - Both of the above As previously advised sharing your account is against our policies and really clouds the support we are able to offer. As previously stated there is no evidence that your account was hacked - all of these services were performed legitimately and paid for legitimately and the contexts do not equate to being a malicious third party. I realise it's disappointing and upsetting to have lost your characters in such away but due to the significant period of time that has elapsed since the incident occurred, and the lack of clearcut evidence, I will have to reiterate that these transfers will not be reverted. Regards, Game Master Alliynnah Customer Services Blizzard Entertainment http://eu.blizzard.com/support |
|
|
8/10/12 5:13:32 AM#34
Originally posted by lotaparty /snip Highlighted for emphasis. I think you have bigger issues than your 'toon' and I find it entirely reasonable on Blizzard's side due to that highlighted text. Wonder why there seems to be more haters on the internet? Read this by an actual marketing guy to find out why. |
|
|
8/10/12 6:05:04 AM#35
This happens right before every xpac.
|
|
|
8/10/12 6:36:42 AM#36
We also know that cryptographically scrambled versions of Battle.net passwords (not actual passwords) for players on North American servers were taken. We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually.
Nice spin on things. SRP secures the exchange of passwords between a client and server. It's even used as a protocol to ensure that cryptographically weak passwords are incredibly difficult to sniff. As a protocol however, it has nothing to do with how securely passwords are stored. I'm not saying Blizzard DON'T store their passwords securely, but inferring that SRP makes their passwords secure is at best...misdirection.
Think of it this way - "we use envelopes to secure your letters". Great, that takes care of securing the exchange of the letter (password) between the sender (game client) and recipient (server). It doesn't mean a thing if someone breaks into your house and reads the letter because you just left it lying around, opened on the kitchen table. |
|
|
8/10/12 6:53:28 AM#37
Gotta be honest real fast - Not a fan of Blizzard, only briefly played WoW...but, you gotta give them some credit for getting the information out to their customers quickly, this is one of the fastest I've seen from any company.
|
|
|
8/10/12 7:00:39 AM#38
Originally posted by Mulli Ah...with SRP the server does not store straight password data since version 6. |
|
|
8/10/12 7:03:36 AM#39
If the report in the the tech section of BBC web page this morning is correct. They got away with millions of unencrypted email address. This maybe way I am seeing a huge increase in spam mail the last few days with emails having my email address in both the from and to slots. |
|
|
8/10/12 7:08:18 AM#40
Originally posted by Acornia Good chance this was a possible target. Lots of money selling Email lists. If you have a big enough list. |
|
Friends: vgchartz.com
Not a member? You can still subscribe to our newsletters and daily updates here!
Jun 19, 2013 7:19 AM
- Page Created in 0.734 seconds -
