The thing is most of the time they blame the end-user (ie us) for allowing our accounts to be hacked, but as someone pointed out it could have easily been from their end as well, the GMs may have limited control over our accounts, but the people on the phone, techies, coders, etc have near on full access to them, all it takes is one disguntered employee to copy the data, leave the company and it's payday for them, or even a laptop left on a train/stolen from home/work, Blizzard would never admit it's their end, nor would any company with personal data being handled, these things only get found out from outside sources (ie the press).
In Blizzard's case it's worrying because if it was something simple like the addons, we would know about it stright away, either the community or Blizzard would have accounced it clearly and promtely, it's just the volume of accounts been hacked since the new battlenet was put in place and with people with just SC2 reported being hacked a while back, user data has to have been leaked/stolen from somewhere, may not be from Blizzard persay could have been a 3rd party and/or site, but this is looking less and less likely to be 'user error'. TBH it would be far better if sites/games quit using our email as a login - it's far too easy to crack
Mine was hacked during a hiatus from the game. I engage in p2p file sharing So I suspect it was via this method with one of the many thousands files I download that he was able to access my password. However with relation to the promptness that blizzard dealt with the issue, doing so without me evening knowing my account had been hacked. I cannot help but suspect it was a security breach via there patch client that caused the information leak. Since they do request you to open ports. They have however done an excellent job to conceal this from the media. Or perhaps even an internal violation from members of there own staff.
But yes I am happy in the manner of which they dealt with the issue, even if my main account is now in Swedish!!!
Just curious, Garrett, do you use any add-ons or the WoW client only?
"Soloists and those who prefer small groups should never have to feel like they''re the ones getting the proverbial table scraps, as it were." - Scott Hartsman, Senior Producer, Everquest II "People love groups. Its a fallacy that people want to play solo all the time." - Scott Hartsman, Executive Producer, Rift
The thing is most of the time they blame the end-user (ie us) for allowing our accounts to be hacked, but as someone pointed out it could have easily been from their end as well, the GMs may have limited control over our accounts, but the people on the phone, techies, coders, etc have near on full access to them, all it takes is one disguntered employee to copy the data, leave the company and it's payday for them, or even a laptop left on a train/stolen from home/work, Blizzard would never admit it's their end, nor would any company with personal data being handled, these things only get found out from outside sources (ie the press).
In Blizzard's case it's worrying because if it was something simple like the addons, we would know about it stright away, either the community or Blizzard would have accounced it clearly and promtely, it's just the volume of accounts been hacked since the new battlenet was put in place and with people with just SC2 reported being hacked a while back, user data has to have been leaked/stolen from somewhere, may not be from Blizzard persay could have been a 3rd party and/or site, but this is looking less and less likely to be 'user error'. TBH it would be far better if sites/games quit using our email as a login - it's far too easy to crack
My guess is there are simply some security holes in battlenet that Blizzard is well aware of. With that said, I'm sure they're bringing in quite a bit of cash with their authenticator program, so I'm not sure they're too concerned with fixing the problem.
I got hacked last year. It was during the weekend so I couldn't call Blizz. I instead sent them an email during the afternoon and the next morning my account was reset and all my items and toons were restored.
Well I didn't have this problem until the switch from a user name to email addresses.
I got got battle.net phished.
Add ons had nothing to do with it, just cuz I wasn't even active for a year. They probably saw a forum post I had, saw my email addy which was the same (remedied that) and used a program to phish my random password.
i got hacked last winter. took 3 days total through email to get my account restored with more gold and items on my toons than i had before the hack plus free game time. no phone in needed.
my account got hacked a couple months ago or whatever after being wowfree for almost 2 years. got everything back i guess, haven't check because my account is basically in limbo until i finish the restoration process. it's funny to receive scam emails trying to get me to finish the process.
With regards to a 45 minute wait on the phone, here's a tip to ensure that the queue isn't so long.
Get straight to the point and don't keep the operator on the line with needless chatter about something other than your issue, such as talking about D3, or how long you had to wait etc etc.
I would imagine that the whole process may result in ppl being dealt with alot quicker, without ppl hogging the operators time with idle chit chat.
My experience with getting my account hacked was a bad one. Took weeks to get it back, had to fax forms, emails back and forth. tryied calling customer service multiple days and never was able to get through. phones were so busy, blizzard only had a recording that said "queues are completely full, call back later" type of message.
So...now I run with both PW and authenticator, friends run with both, and anyone I help get started I make sure has both set up, if possible.
I also saw a good idea of giving blizzard a special email address that they only have..
finally any email from blizzard, may not be from blizzard, spoofing occurs so you may see xyz at blizzard dot com and that may map in the mime encoding of the email to some server else where (not blizzards). So be leary of email....
The thing is most of the time they blame the end-user (ie us) for allowing our accounts to be hacked, but as someone pointed out it could have easily been from their end as well, the GMs may have limited control over our accounts, but the people on the phone, techies, coders, etc have near on full access to them, all it takes is one disguntered employee to copy the data, leave the company and it's payday for them, or even a laptop left on a train/stolen from home/work, Blizzard would never admit it's their end, nor would any company with personal data being handled, these things only get found out from outside sources (ie the press).
In Blizzard's case it's worrying because if it was something simple like the addons, we would know about it stright away, either the community or Blizzard would have accounced it clearly and promtely, it's just the volume of accounts been hacked since the new battlenet was put in place and with people with just SC2 reported being hacked a while back, user data has to have been leaked/stolen from somewhere, may not be from Blizzard persay could have been a 3rd party and/or site, but this is looking less and less likely to be 'user error'. TBH it would be far better if sites/games quit using our email as a login - it's far too easy to crack
My guess is there are simply some security holes in battlenet that Blizzard is well aware of. With that said, I'm sure they're bringing in quite a bit of cash with their authenticator program, so I'm not sure they're too concerned with fixing the problem.
Have to agree, i have not been on WOW for over a year,and i have bought a new computer that has never had WOW loaded on it,or any other Blizzard (battlenet) game, my son got Starcraft 2, and gave me a limited time use account, to activate it i had to add my battle net account, did not enter it anywhere else i entered it just for Starcratf 2, not more then 2 hours later i started getting Phishing E-mails for my battlenet account, if there are no holes how did the Phishers get it so fast? when the account was for a Blizzard game?
WOW hackers are idiots. Who else would use highly valued IT skills to illegally hack into accounts for a business that probably pays them hourly or blue collar wages? It's stupid; like a Computer programmer shoplifting a pack of cold cuts in a thrift store.
Folks with the tech and ingenuity to hack can make a boatload more money day-trading stocks online. Pays better and completely legal.
Therefore...
The FIRST STUPID AWARD FOR THE 21ST CENTURY goes to.....
(drum roll)
WOW hackers.
A) good luck prosecuting an account hacker for stealing items that companies do not want to put a value on.
What makes you think the hackers are the wage slaves and not getting a cut of the profits or running everything themselves?
Some guys account got hacked. So? Happens constantly to people. Yes, it's annoying. Still, it's their fault, since it was a security problem on their side.
He got his account back, his equipment was gone, and that didn't take long. Soooooo? Does that article give us any new information about anything? No. Any creative points of view? A review of something? Fresh ideas? Interesting screenshots or videos to look at?
Nah. It's just some guy describing something that happens constantly. If I'd describe how I'd go to the bakery and buy some bread, that would be more worth of an article, because it's as mundane as getting your wow account hacked, but it's not as often talked about.
Sorry if I sound negative, but that really is not worth a read.
Actually, I felt the same way when I first read the article. Didn't seem to be all that newsworthy, given that it happens to hundreds, if not thousands of people every week. Having a WoW account hacked is hardly something to get all worked up about. Then again, the fact that it's happened to somebody in the computer entertainment industry means that they have a chance to make people aware that this is happening, and that nobody is safe.
I'm glad the article was written, assuming it accomplishes the following:
1. People who read it and weren't aware of how prevalent WoW account hacking is take steps to prevent it from happening to them.
2. Somebody at Blizzard who checks the MMORPG.com web site mentions to their boss that they saw an article about WoW accounts being hacked.
Now, if only we can get it picked up by some major media, so we can finally get Blizzard to actually do something about it. Other than trying to sell us an authenticator, that is.
Getting hacked at this point doesn't even affect you anymore other than inhibiting you from playing for like a day on the character whos gear got sold or deleted. It takes like 10 minutes on the phone with a blizzard support person to get your account back, and transferred to a different email assuming you know your secret question and secret answer or have the key from the original wow still handy. GM's have gotten faster with getting your gear back too, taking less than a day usually now.
Getting your account back is the easy part. Getting all your gear and accumulated goodies squared away, across a dozen characters on three different servers, is more of a hassle. If you had your own guild bank, that's more trips to the mailbox to retrieve your recovered items. If you had access to a shared guild bank, have a good time returning everything that was stolen from your friends while your account was being ransacked.
There's nothing to recovering your account. The nightmare is trying to get the mess sorted out once you're back in. That's something they don't have a quick fix for.
Funny enough, when it happened to me, it was a few weeks after I'd taken a hiatus from the game too. It was supposed to be a temporary break but became a permanent one after the incident. It was the final nail in the WoW coffin for me.
I basically had the same experience as you, except with only waiting 20mins on the phone. It actually made me respect Blizzard a whole lot more because back in 2005 my account was hacked as well and I waited 2+ hrs for a representative.
You shouldn't get relieved if you have authenticator. It might be safer but it shouldn't give you the feeling that "Hey, I can now have whatever trojan i can". There is still man-in-the-middle attacks. If you cba to read the above and can't understand it, basically the trojan tricks you like you talked with WoW Login server but instead it sends your login and authenticator information to the hacker. If the hacker is online and sees this, he can easily log in to battle.net, disable your authenticator and change your password. I think recently Blizzard also found a solution for this which is to ask another authenticator code for both cancelling authenticator and/or changing password. I am not sure though, but still be careful what you download and have at least a basic antivirus like Microsoft SE.
Not the type of report I thought I was going to read, thank you for wasting my time and making me yawn more than your 45 min wait. Here I thought WoW's News page got hacked from the email I recieved about this. I could careless about your experience, I've had plently before, good and bad, i don't need to tell the whole word, it was so pleasant this time after the 45 mins... damn guy, your life that boring?
A lot of comments here. Getting hacked was the last nail in the coffin for me playing WoW again. I got *most* of my stuff back but not all of it. I lost some important things that took a lot of grind to get. While it was fun to get those things, I wouldn't do it a second time. Worse than that, I lost all my gold and mats. I had farmed up a lot of thorium, enchanted clothes, gems, etc. All of it was gone and not replaceable since I hadn't played for a few months and they didn't have records of those things.
I just didn't want to go back and grind all that stuff up again. There are other games out there waiting to be ground ^^
Even though I don't really want to play WoW anymore, it just feels like being violated for sure. It sucks to put all those hours into a hobby and have it ruined like that. It left a sick feeling in the pit of my stomach and I never want to see a WoW loading screen again or hear the music from the game.
I keep getting emails without the noreply in front.....Not that I care.......I havent played in years and could care less if they hacked it...All my information has changed soooooo........no biggie
Comments
The thing is most of the time they blame the end-user (ie us) for allowing our accounts to be hacked, but as someone pointed out it could have easily been from their end as well, the GMs may have limited control over our accounts, but the people on the phone, techies, coders, etc have near on full access to them, all it takes is one disguntered employee to copy the data, leave the company and it's payday for them, or even a laptop left on a train/stolen from home/work, Blizzard would never admit it's their end, nor would any company with personal data being handled, these things only get found out from outside sources (ie the press).
In Blizzard's case it's worrying because if it was something simple like the addons, we would know about it stright away, either the community or Blizzard would have accounced it clearly and promtely, it's just the volume of accounts been hacked since the new battlenet was put in place and with people with just SC2 reported being hacked a while back, user data has to have been leaked/stolen from somewhere, may not be from Blizzard persay could have been a 3rd party and/or site, but this is looking less and less likely to be 'user error'. TBH it would be far better if sites/games quit using our email as a login - it's far too easy to crack
Bring on the WARRRRGGHH!
Mine was hacked during a hiatus from the game. I engage in p2p file sharing So I suspect it was via this method with one of the many thousands files I download that he was able to access my password. However with relation to the promptness that blizzard dealt with the issue, doing so without me evening knowing my account had been hacked. I cannot help but suspect it was a security breach via there patch client that caused the information leak. Since they do request you to open ports. They have however done an excellent job to conceal this from the media. Or perhaps even an internal violation from members of there own staff.
But yes I am happy in the manner of which they dealt with the issue, even if my main account is now in Swedish!!!
Just curious, Garrett, do you use any add-ons or the WoW client only?
"Soloists and those who prefer small groups should never have to feel like they''re the ones getting the proverbial table scraps, as it were." - Scott Hartsman, Senior Producer, Everquest II
"People love groups. Its a fallacy that people want to play solo all the time." - Scott Hartsman, Executive Producer, Rift
Authenticator vs a trojan, useless
Authenticator vs phishing, good, still not 100%, but 99%.
At least you have a core hound.
My guess is there are simply some security holes in battlenet that Blizzard is well aware of. With that said, I'm sure they're bringing in quite a bit of cash with their authenticator program, so I'm not sure they're too concerned with fixing the problem.
I got hacked last year. It was during the weekend so I couldn't call Blizz. I instead sent them an email during the afternoon and the next morning my account was reset and all my items and toons were restored.
Well I didn't have this problem until the switch from a user name to email addresses.
I got got battle.net phished.
Add ons had nothing to do with it, just cuz I wasn't even active for a year. They probably saw a forum post I had, saw my email addy which was the same (remedied that) and used a program to phish my random password.
It's as easy as that sadly.
Very true...and the core hound probably has the best animation routines out of all the in-game pets... :-)
i got hacked last winter. took 3 days total through email to get my account restored with more gold and items on my toons than i had before the hack plus free game time. no phone in needed.
KERPLAH!
my account got hacked a couple months ago or whatever after being wowfree for almost 2 years. got everything back i guess, haven't check because my account is basically in limbo until i finish the restoration process. it's funny to receive scam emails trying to get me to finish the process.
With regards to a 45 minute wait on the phone, here's a tip to ensure that the queue isn't so long.
Get straight to the point and don't keep the operator on the line with needless chatter about something other than your issue, such as talking about D3, or how long you had to wait etc etc.
I would imagine that the whole process may result in ppl being dealt with alot quicker, without ppl hogging the operators time with idle chit chat.
My experience with getting my account hacked was a bad one. Took weeks to get it back, had to fax forms, emails back and forth. tryied calling customer service multiple days and never was able to get through. phones were so busy, blizzard only had a recording that said "queues are completely full, call back later" type of message.
So...now I run with both PW and authenticator, friends run with both, and anyone I help get started I make sure has both set up, if possible.
I also saw a good idea of giving blizzard a special email address that they only have..
finally any email from blizzard, may not be from blizzard, spoofing occurs so you may see xyz at blizzard dot com and that may map in the mime encoding of the email to some server else where (not blizzards). So be leary of email....
my 2 cents anyway...
Have to agree, i have not been on WOW for over a year,and i have bought a new computer that has never had WOW loaded on it,or any other Blizzard (battlenet) game, my son got Starcraft 2, and gave me a limited time use account, to activate it i had to add my battle net account, did not enter it anywhere else i entered it just for Starcratf 2, not more then 2 hours later i started getting Phishing E-mails for my battlenet account, if there are no holes how did the Phishers get it so fast? when the account was for a Blizzard game?
Its just a conspiracy so Blizzard can sell over-priced authenticators to 12 million people and rake in even more $$$.
A) good luck prosecuting an account hacker for stealing items that companies do not want to put a value on.
Actually, I felt the same way when I first read the article. Didn't seem to be all that newsworthy, given that it happens to hundreds, if not thousands of people every week. Having a WoW account hacked is hardly something to get all worked up about. Then again, the fact that it's happened to somebody in the computer entertainment industry means that they have a chance to make people aware that this is happening, and that nobody is safe.
I'm glad the article was written, assuming it accomplishes the following:
1. People who read it and weren't aware of how prevalent WoW account hacking is take steps to prevent it from happening to them.
2. Somebody at Blizzard who checks the MMORPG.com web site mentions to their boss that they saw an article about WoW accounts being hacked.
Now, if only we can get it picked up by some major media, so we can finally get Blizzard to actually do something about it. Other than trying to sell us an authenticator, that is.
Getting your account back is the easy part. Getting all your gear and accumulated goodies squared away, across a dozen characters on three different servers, is more of a hassle. If you had your own guild bank, that's more trips to the mailbox to retrieve your recovered items. If you had access to a shared guild bank, have a good time returning everything that was stolen from your friends while your account was being ransacked.
There's nothing to recovering your account. The nightmare is trying to get the mess sorted out once you're back in. That's something they don't have a quick fix for.
Funny enough, when it happened to me, it was a few weeks after I'd taken a hiatus from the game too. It was supposed to be a temporary break but became a permanent one after the incident. It was the final nail in the WoW coffin for me.
I basically had the same experience as you, except with only waiting 20mins on the phone. It actually made me respect Blizzard a whole lot more because back in 2005 my account was hacked as well and I waited 2+ hrs for a representative.
He who keeps his cool best wins.
You shouldn't get relieved if you have authenticator. It might be safer but it shouldn't give you the feeling that "Hey, I can now have whatever trojan i can". There is still man-in-the-middle attacks. If you cba to read the above and can't understand it, basically the trojan tricks you like you talked with WoW Login server but instead it sends your login and authenticator information to the hacker. If the hacker is online and sees this, he can easily log in to battle.net, disable your authenticator and change your password. I think recently Blizzard also found a solution for this which is to ask another authenticator code for both cancelling authenticator and/or changing password. I am not sure though, but still be careful what you download and have at least a basic antivirus like Microsoft SE.
battlenet.com send me in many times emails with warning about my acount and hacking
Not the type of report I thought I was going to read, thank you for wasting my time and making me yawn more than your 45 min wait. Here I thought WoW's News page got hacked from the email I recieved about this. I could careless about your experience, I've had plently before, good and bad, i don't need to tell the whole word, it was so pleasant this time after the 45 mins... damn guy, your life that boring?
A lot of comments here. Getting hacked was the last nail in the coffin for me playing WoW again. I got *most* of my stuff back but not all of it. I lost some important things that took a lot of grind to get. While it was fun to get those things, I wouldn't do it a second time. Worse than that, I lost all my gold and mats. I had farmed up a lot of thorium, enchanted clothes, gems, etc. All of it was gone and not replaceable since I hadn't played for a few months and they didn't have records of those things.
I just didn't want to go back and grind all that stuff up again. There are other games out there waiting to be ground ^^
Even though I don't really want to play WoW anymore, it just feels like being violated for sure. It sucks to put all those hours into a hobby and have it ruined like that. It left a sick feeling in the pit of my stomach and I never want to see a WoW loading screen again or hear the music from the game.
Only 45min? You got lucky. Try 2 hours.. They do a good job though, but the wait is just horrible..
I keep getting emails without the noreply in front.....Not that I care.......I havent played in years and could care less if they hacked it...All my information has changed soooooo........no biggie
I wonder if he name dropped to the blizz CS...
bet he did