Change your Battle.net passwords - Blizzard breached

In an announcement on Blizzard's official website last night, Mike Morhaime - President of the company - explained that a security breach had taken place. While keen to inform us that financial information like credit card details and real names seemed safe, the post notes that a lot of other information had been potentially breached, including email addresses - and on North American servers (which includes Australia) details like the answer to the personal security question and authenticator information was accessed.

As the post points out, Battle.net passwords are stored using SRP - meaning even though someone may have a list of encrypted passwords, there is very little they can do with them - and each password will have to be brute forced individually. Nevertheless, you would no doubt feel silly if yours was one of the few that was cracked and you hadn't changed your Battle.net password, so go and do it via Battle.net right now!

Blizzard will be asking users to change their personal security questions and the like over the next week - which as Morhaime points out, makes it a prime time for phishing scams. Most decent email spam filters take care of phishing scams these days, but remember to be careful, and note that Blizzard don't require you to email any personal details, usernames or passwords to them ever.

We at GameArena offer our condolences to Blizzard, it happens to the best of us.