It seems that Battle.net, the Blizzard online service that stores user information for games such as Diablo 3 and World of Warcraft was compromised according to Blizzard president, Mike Morhaime.
“This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened”, Morhaime wrote on the company’s page.
According to Morhaime, there hasn’t been any evidence of any financial information such as credit card numbers, billing addresses, or real names were accessed. Though some data was accessed, which included a list of email addresses for global Battle.net users outside of China, personal security question answers, and information for mobile and dial-in access. Blizzard stresses that the leaked information is not enough for anyone to gain access to Battle.net accounts.
They also know that cryptographically scrambled version of Battle.net passwords were taken. Though the passwords were encrypted, As a precaution, Blizzard recommends users on North American servers to change their Battle.net account password.
In the following days Blizzard will be rolling out an automated process that will prompt North American users to change their security questions and answers, and mobile authenticator users will be prompted to update their software. They also released a FAQ addressing further questions.