Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
User Settings
LAN Parties
Upcoming one-time events:
Chicago, IL 11/17

Regularly scheduled events Security Breach announces an "important security update," revealing Blizzard has discovered "unauthorized and illegal access into our internal network." As a result, they recommend that North American users change their passwords, though they say they believe that the information retrieved "alone is NOT enough for anyone to gain access to accounts." They also have written up an Important Security Update FAQ with all the details on this, including the surprising news that "information was taken that could potentially compromise the integrity of North American Mobile Authenticators," which will lead to a software updates.

10. Re: Security Breach Aug 9, 2012, 19:48 Dades
Julio wrote on Aug 9, 2012, 19:36:
Looks like we now know how accounts were getting hacked all along. Blizzard probably knew a long time ago.

I'm sure it helped the bottom line at Blizzard selling a bunch of authenticators for the past few months.

I think the physical authenticators are fine only because Vasco is subcontracted for it and the database for the serials isn't on Blizzards servers. Mobile app and dial auths are screwed and will need a software update because the hashes can't be trusted anymore.

If you use the same secret question/answer combo as any other site then you should change that shit immediately. A game where you let people create money out of nothing, no way anyone would try to hack that.

Authenticators were never bulletproof, but two factor authentication is much better than single factor. You know that right? As it stands, using SRP is nearly impossible to break. Unless they also have access to the salted-hash tables for each users password.

I know what two factor authenticator is and you typed this as I was preparing a follow up. Judging by the post they do have access to at least some of the hashed password tables. The point was that both people here and Blizzard kept blaming users for what was possibly an internal security problem. Maybe it was mostly the users fault but this should give anyone pause about making stupid assumptions in the future. They say they detected the intrusion on August 4th, who knows how long they had access before being detected? I hope they get roasted by shareholders.

This comment was edited on Aug 9, 2012, 20:00.
Avatar 54452
Previous Post Next Post Reply Quote Edit Delete Report
    Date Subject Author
  1. Aug 9, 19:18 Re: Security Breach Stimpack
  2. Aug 9, 19:19  Re: Security Breach Cutter
  3. Aug 9, 19:21 Re: Security Breach Sepharo
  7. Aug 9, 19:36  Re: Out of the Blue Rigs
  16. Aug 9, 19:57   Re: Out of the Blue ViRGE
  39. Aug 10, 04:05   Re: Out of the Blue El Pit
  41. Aug 10, 04:37    Re: Out of the Blue Kajetan
  42. Aug 10, 04:41     Re: Out of the Blue El Pit
  43. Aug 10, 04:48      Re: Out of the Blue Kajetan
  44. Aug 10, 04:55       Re: Out of the Blue Luke
  51. Aug 10, 10:53    Re: Out of the Blue AngelicPenguin
  52. Aug 10, 11:20     Re: Out of the Blue nin
  53. Aug 10, 11:31      Re: Out of the Blue El Pit
  54. Aug 10, 13:05      Re: Out of the Blue NegaDeath
  55. Aug 10, 13:15       Re: Out of the Blue El Pit
  58. Aug 11, 12:44      Re: Out of the Blue Prez
  11. Aug 9, 19:49  Re: Security Breach Bet
  4. Aug 9, 19:28 Re: Security Breach Dades
  9. Aug 9, 19:44  Re: Security Breach Mashiki Amiketo
  13. Aug 9, 19:51   Re: Security Breach Prez
  14. Aug 9, 19:53    Re: Security Breach Fion
  18. Aug 9, 20:00    Re: Security Breach Wraith
  5. Aug 9, 19:31 Re: Security Breach Retired
  8. Aug 9, 19:36  Re: Security Breach Julio
>> 10. Aug 9, 19:48   Re: Security Breach Dades
  19. Aug 9, 20:03    Re: Security Breach Mashiki Amiketo
  33. Aug 9, 22:58     Re: Security Breach The Pyro
  12. Aug 9, 19:50   Re: Security Breach Wraith
  23. Aug 9, 20:16   Re: Security Breach descender
  6. Aug 9, 19:35 Re: Security Breach Talisorn
  15. Aug 9, 19:54 Re: Security Breach Techie714
  17. Aug 9, 19:59 Re: Security Breach Dades
  20. Aug 9, 20:04 Re: Security Breach RollinThundr
  22. Aug 9, 20:09  Re: Security Breach Fantaz
  21. Aug 9, 20:09 Re: Security Breach Dades
  24. Aug 9, 20:16  Re: Security Breach Mashiki Amiketo
  25. Aug 9, 20:17 Re: Security Breach Verno
  27. Aug 9, 21:09  Re: Security Breach s1mon75
  29. Aug 9, 21:18   Re: Security Breach RailWizard
  32. Aug 9, 21:32   Re: Security Breach Dades
  36. Aug 10, 03:46   Re: Security Breach Luke
  26. Aug 9, 20:27 Re: Security Breach Parallax Abstraction
  28. Aug 9, 21:15 Re: Security Breach HorrorScope
  31. Aug 9, 21:25  Re: Security Breach eunichron
  35. Aug 10, 02:47   Re: Security Breach s1mon75
  38. Aug 10, 03:58    Re: Security Breach Luke
  30. Aug 9, 21:23 removed RailWizard
  34. Aug 10, 01:53 Re: Security Breach Creston
  37. Aug 10, 03:56  Re: Security Breach Luke
  40. Aug 10, 04:26 Re: Security Breach Mordecai Walfish
  45. Aug 10, 06:20 Re: Security Breach Dev
  46. Aug 10, 06:31  Re: Security Breach NKD
  47. Aug 10, 06:56   Re: Security Breach InBlack
  50. Aug 10, 08:58   Re: Security Breach Verno
  48. Aug 10, 07:25 Re: Security Breach Dades
  49. Aug 10, 08:19  Re: Security Breach briktal
  56. Aug 10, 14:11 Re: Security Breach Steele Johnson
  57. Aug 10, 14:53 Re: Security Breach Verno

Blue's News is a participant in Amazon Associates programs
and earns advertising fees by linking to Amazon.


Blue's News logo