If someone got his WoW account stolen, then because of
gave the password to someone else. Maybe you have to leave during a raid and gave a raidmember the passwort so he can play your character so the tank/healer whatever aint missing. Or you gave the password to a friend / brother or something who blurted it out somewhere else
phishing. you got an email saying anything about wow, you go to the linked website which looks like the real wow website, you enter your pw / accountname and then it's gone
unsecure password. maybe you use the same password for everything or simply change a number but else it's the same or something like that. if someone sees you typing it in once or finds out one of the passwords that person can log into all accounts of yours
sending your password to people. ie someone says "give me your account data and you can play the cataclysm beta". you think "oh great" and send your account information there
sending your password to people. someone says they will level for you, or wait for some rare mob or whatever, you think "great", give them the password
social engineering in general. your password is your favorite soccer team or something, someone knows how much you like it, simply tries all your favorite things as password and there you have it
keylogger. you open the wrong attachment in a mail or go to the wrong website, and your computer is not secure, and you already got a keylogger
Or in short: you didn't pay attention, were lazy, naive, unknowing, too trusting, stupid or anything like that. But noone simply hacks into a database and steals your account data. It's always a security problem on the side of the user. If someone "hacks" your account, then you did something wrong. I never had my account "hacked" in any MMORPG or actually in anything I remember.
So, I'm seeing a ton of these hacked account reports.
Yes, I had a WoW account, its been offline for quite sometime. I don't know if I've been hacked or anything I haven't received a SINGLE email speaking about my account in any form, but I'm also tempted that I should login and revive the account if only for a short period of time to see if I've been hacked or not, as many have said - you've been hacked but never recieved word.
This almost makes me want to see for myself. Haha.
Like someone said account hackers dont try and access your account as soon as they get hold of your information, this is counter productive the same way blizzard does not ban as soon as they see a hacking player, this would alert hackers of what systems are in fault and which ones need improvement so they fail to be detected, the same way a hacker wont login to your account right after you put your details on their fake site, because then you will report, you will post on forums that X website is a scam that Y email is a scam and they will get a handful of accounts before everyone stops giving them details, your account details could have been passed along months ago, and because nothing happened you always assumed it was safe OP.
This however seems like the new way that hackers handle things go for disabled accounts and put the authenticators on, 2 fellow guild members that had quit a few months back got the same problem their accounts were innactive when they tried to activate recently were banned for gold farming and selling, stealing WoW accounts is becoming big business, changing your password regularly and getting an authenticator is really the best you can do along with using common sense when opening emails etc..
If someone got his WoW account stolen, then because of
gave the password to someone else. Maybe you have to leave during a raid and gave a raidmember the passwort so he can play your character so the tank/healer whatever aint missing. Or you gave the password to a friend / brother or something who blurted it out somewhere else phishing. you got an email saying anything about wow, you go to the linked website which looks like the real wow website, you enter your pw / accountname and then it's gone unsecure password. maybe you use the same password for everything or simply change a number but else it's the same or something like that. if someone sees you typing it in once or finds out one of the passwords that person can log into all accounts of yours sending your password to people. ie someone says "give me your account data and you can play the cataclysm beta". you think "oh great" and send your account information there sending your password to people. someone says they will level for you, or wait for some rare mob or whatever, you think "great", give them the password social engineering in general. your password is your favorite soccer team or something, someone knows how much you like it, simply tries all your favorite things as password and there you have it keylogger. you open the wrong attachment in a mail or go to the wrong website, and your computer is not secure, and you already got a keylogger
Or in short: you didn't pay attention, were lazy, naive, unknowing, too trusting, stupid or anything like that. But noone simply hacks into a database and steals your account data. It's always a security problem on the side of the user. If someone "hacks" your account, then you did something wrong. I never had my account "hacked" in any MMORPG or actually in anything I remember.
Playing MMOs for almost 12 years and I had never had an account "hacked" or anything in any game I had played either until it happened to my WoW account in December. An account that had been inactive since 2006. And no, I never received any emails from blizzard, especially ones asking me to click links (which, working in internet and network security for awhile I know better than to do... I lecture people on it all the time) I havent even been to a wow site or wow related site since 2006. I have never been to a PL service site or a RMT site either or use any kind of addons or interface mods in the games I play. I also never share my account information, not even my HUSBAND has my info, additional to that each of my game accounts uses different screen names and passwords, and my passwords are random numbers and letters, with at least 2 captial letters. I don't know how my account got hacked, I know that I did everything possible to keep the account secure, and did none of the stuff people keep insisting I had to have done for my account to get hacked and it still happened. When I called blizzard support, the rep even confirmed to me that they have seen an unusually high rate of accounts getting compromised within the last few months. I think with the sheer number of people reporting it happening its clear that hackers have somehow found another new way to come by our account info, and you can't just sit there say we are ALL stupid naive people who have no idea what we are doing, because we arent.
Haven't played WOW in years and haven't gotten a notice yet. Something happened though first with Aion then with WOW - and they must have some idea inside the industry because LOTRO put up a big notice suggesting that everyone change their passwords just to be sure they were safe.
It might be the case that some people use the same user name and/or password on other games or web sites (like this one). It could also be a closely related password.
This would explain why unused accounts get hacked...
Afterthought: e-mail addresses being used as user name doesn't make the situation better.
It might be the case that some people use the same user name and/or password on other games or web sites (like this one). It could also be a closely related password. This would explain why unused accounts get hacked... Afterthought: e-mail addresses being used as user name doesn't make the situation better.
You are right about that, email address being the login doesn't make the situation better at all and I hated that they did that. Which is why when the switch over happened, I made a dummy email just for WoW.
All of my accounts for games/emails whatever, have different logins and passwords which I randomly make up using letter number combos with caps, so none are the same or even similar. People can say I had a keylogger all they want, but even if I did, how is a keylogger going to log a password or username I didn't type in for almost 3 years. That is 3 years and 3 computers since my account was canceled, 3 years of not going to a single wow related site and of NOT getting any kind of emails from blizzard to click on, and 3 years worth of daily virus and maleware scans that never picked up any keyloggers (before or after I tried to reactivate my account and it got hacked the day after), Keyloggers aren't so sophisticated they cant be found btw, even the first thing blizzard does when you report your account hacked is to run a basic virus scan because it will find any loggers that could be on your computer.
Again, I don't know how I got hacked, and I don't exactly place blame on blizzard or think its a conspiracy they are behind, because there are several games who are having similar issues right now, but I do find it really odd and find the sheer incline of hacked accounts to be a bit concerning, and hope that it gets noticed by the devs running these games and looked into a bit more.
Question: Has anyone's account been compromised that uses an authenticator? (sorry if someone already mentioned this. I didn't read through the whole thread)
Never heard of it yet. The authenticator use the same devices used by some online banking systems. Luckily, it is still relatively safe. Unless hacking your WoW account can bring millions of dollars profit to a hacker, the hacker would rather not waste his time trying to beat an authenticator.
Question: Has anyone's account been compromised that uses an authenticator? (sorry if someone already mentioned this. I didn't read through the whole thread)
I am rather sure you would be quite safe with the authenticator. I ended up getting one after my account was hacked so I can be a bit more worry free.
Same thing happened to me. Haven't played since august. Got an email from an in game friend asking me how I was doing and wondered why I wasn't saying hello to him in game.
Tried to log onto my blizzard account and while I was able to change my password via email I was not able to go beyond that stage due to the fact someone had place an "authenticator" on my account.
I called Blizz and the rep confirmed to me that my account was being played from an IP address in China.
We went through the process of removing the authenticator so I could access the account and change my password again.
I thanked him...He thanked me and 1 hour later I get an email banning the account for "identified exchanging, or contributing to the exchange of, in-game property (items or gold) for "real-world" currency".
I'm on day 2 of straightening this all out but at no time did Blizzard give me the impression that I was going to lose the account (other than the email I got).
This is the first time anything like this has happened to me.
There are so many possibilities out there for getting a WoW password. Do you really think that running 100 firewalls and antiviruses will give you 100% protection?
Also, "hackers" will never open an account as soon as they hacked it, they'll wait to get a huge number of them until they start looking into them.
Oh come, stop blaming the "user"
It is not at all impossible as well that someone leaked accounts through blizzard somehow, if someone can hack a mainframe a well known website like eBay or Amazon that probably have billions of money spent into protection (which has happened by the way). Don't you think its possible somewhere there was a screw up and someone smart enough got a lot of accounts through leaks.
I am tired of people saying oh you had a "virus, or a keylogger, or you went to a website that phished your account." Yes probably 7/10 times that is true maybe even 9/10, but it isn't always! I have had my account as well as my dad's account who we both play on different computers, hacked and compromised. We went in depth, ran every virus scan we could think of and came back with nothing found, not even a little bit of malware or something that was remotely "phishy". We are both compute programmer's as well and have been using computers forever so we are not people who just use them every now and then.
Also I am not saying that maybe it was blizzard's website that got leaked, but it could have been a website that maybe people log-in to that is somehow related to WoW. A lot of people use the same password for forums/game sites/review sites as their own account ( I fell under this category. Yes I know that was dumb of me, and I no longer do this I pretty much keep all my internet passwords seperate from game accounts, but honestly I never had a problem like this until WoW.) AND this is why I think the whole Battle.Net thing was actually a bad Idea for it to use your e-mail as your account name.
Here is why I think that... Let's say what I said above about using the same password as a forum board. That forum gets leaked and somehow someone get's access to a lot of accounts on that forum. Well now all that person has to do is look at what the password that user was using and THEN look at what e-mail they used to register to that forum. Because I don't know a single forum these days that does not require a e-mail to register. So therefore you have basically all your information for a WoW account right there. As in back before Battle.NET accounts maybe they got your password but what if you used a different login name for WoW and for this Forum. No way they were going to happen to Guess both. I am not saying I don't like Battle.NET because I think it is a great way to manage games, but I honestly think using e-mails for account names is a bad idea. This is just my 2 Cents
There are so many possibilities out there for getting a WoW password. Do you really think that running 100 firewalls and antiviruses will give you 100% protection?
Also, "hackers" will never open an account as soon as they hacked it, they'll wait to get a huge number of them until they start looking into them.
Oh come, stop blaming the "user"
It is not at all impossible as well that someone leaked accounts through blizzard somehow, if someone can hack a mainframe a well known website like eBay or Amazon that probably have billions of money spent into protection (which has happened by the way). Don't you think its possible somewhere there was a screw up and someone smart enough got a lot of accounts through leaks.
I am tired of people saying oh you had a "virus, or a keylogger, or you went to a website that phished your account." Yes probably 7/10 times that is true maybe even 9/10, but it isn't always! I have had my account as well as my dad's account who we both play on different computers, hacked and compromised. We went in depth, ran every virus scan we could think of and came back with nothing found, not even a little bit of malware or something that was remotely "phishy". We are both compute programmer's as well and have been using computers forever so we are not people who just use them every now and then.
Also I am not saying that maybe it was blizzard's website that got leaked, but it could have been a website that maybe people log-in to that is somehow related to WoW. A lot of people use the same password for forums/game sites/review sites as their own account ( I fell under this category. Yes I know that was dumb of me, and I no longer do this I pretty much keep all my internet passwords seperate from game accounts, but honestly I never had a problem like this until WoW.) AND this is why I think the whole Battle.Net thing was actually a bad Idea for it to use your e-mail as your account name.
Here is why I think that... Let's say what I said above about using the same password as a forum board. That forum gets leaked and somehow someone get's access to a lot of accounts on that forum. Well now all that person has to do is look at what the password that user was using and THEN look at what e-mail they used to register to that forum. Because I don't know a single forum these days that does not require a e-mail to register. So therefore you have basically all your information for a WoW account right there. As in back before Battle.NET accounts maybe they got your password but what if you used a different login name for WoW and for this Forum. No way they were going to happen to Guess both. I am not saying I don't like Battle.NET because I think it is a great way to manage games, but I honestly think using e-mails for account names is a bad idea. This is just my 2 Cents
I agree,
But problem is the fact that
Most of the people getting Hacked (WERE INACTIVE WoW owners ) whom hadnt did the WoW link to Bnet thing yet.
Thats just plain old Strange!!
My Account got hacked after I quit WoW, which was before the Bnet merge. They way I found out was when I decided to come back to wow, and got the message about the account info invalid.
I dont use the Same PW for my Account. That info was totally Random compared to the other Emails and PWs I use. I wana know how the Hacker get thsi info, if I never loged it to play WoW.
I wana know what Blizzard is going to do about this. This seems bad.
There are so many possibilities out there for getting a WoW password. Do you really think that running 100 firewalls and antiviruses will give you 100% protection?
Also, "hackers" will never open an account as soon as they hacked it, they'll wait to get a huge number of them until they start looking into them.
Oh come, stop blaming the "user"
<<snip>>
Here is why I think that... Let's say what I said above about using the same password as a forum board. That forum gets leaked and somehow someone get's access to a lot of accounts on that forum. Well now all that person has to do is look at what the password that user was using and THEN look at what e-mail they used to register to that forum. Because I don't know a single forum these days that does not require a e-mail to register. So therefore you have basically all your information for a WoW account right there. As in back before Battle.NET accounts maybe they got your password but what if you used a different login name for WoW and for this Forum. No way they were going to happen to Guess both. I am not saying I don't like Battle.NET because I think it is a great way to manage games, but I honestly think using e-mails for account names is a bad idea. This is just my 2 Cents
That is just one possible scenario that few people understand is a possible way their account was compromised.
However, the result is still the fault of the user. They chose their name and password. Reusing passwords all over the internet isn't safe. Chosing a login ID that you regularly post on the internet isn't safe.
Blizzard changing the account policy to require an email just made this situation worse, but in the end it is the fault of users not being responsible enough with their login details. Direct fault of their own or not, they are the ones who left the pieces of information laying around for a clever person to piece together.
Originally posted by tro44_1 I agree, But problem is the fact that Most of the people getting Hacked (WERE INACTIVE WoW owners ) whom hadnt did the WoW link to Bnet thing yet. Thats just plain old Strange!! My Account got hacked after I quit WoW, which was before the Bnet merge. They way I found out was when I decided to come back to wow, and got the message about the account info invalid. I dont use the Same PW for my Account. That info was totally Random compared to the other Emails and PWs I use. I wana know how the Hacker get thsi info, if I never loged it to play WoW. I wana know what Blizzard is going to do about this. This seems bad.
same thing im experiencing, I just got my Bnet account and when I tried to add WoW it said it was already linked to another account... like wtf
Comments
If someone got his WoW account stolen, then because of
Or in short: you didn't pay attention, were lazy, naive, unknowing, too trusting, stupid or anything like that. But noone simply hacks into a database and steals your account data. It's always a security problem on the side of the user. If someone "hacks" your account, then you did something wrong. I never had my account "hacked" in any MMORPG or actually in anything I remember.
Let's play Fallen Earth (blind, 300 episodes)
Let's play Guild Wars 2 (blind, 45 episodes)
So this makes you an expert on the subject?
So, I'm seeing a ton of these hacked account reports.
Yes, I had a WoW account, its been offline for quite sometime. I don't know if I've been hacked or anything I haven't received a SINGLE email speaking about my account in any form, but I'm also tempted that I should login and revive the account if only for a short period of time to see if I've been hacked or not, as many have said - you've been hacked but never recieved word.
This almost makes me want to see for myself. Haha.
Like someone said account hackers dont try and access your account as soon as they get hold of your information, this is counter productive the same way blizzard does not ban as soon as they see a hacking player, this would alert hackers of what systems are in fault and which ones need improvement so they fail to be detected, the same way a hacker wont login to your account right after you put your details on their fake site, because then you will report, you will post on forums that X website is a scam that Y email is a scam and they will get a handful of accounts before everyone stops giving them details, your account details could have been passed along months ago, and because nothing happened you always assumed it was safe OP.
This however seems like the new way that hackers handle things go for disabled accounts and put the authenticators on, 2 fellow guild members that had quit a few months back got the same problem their accounts were innactive when they tried to activate recently were banned for gold farming and selling, stealing WoW accounts is becoming big business, changing your password regularly and getting an authenticator is really the best you can do along with using common sense when opening emails etc..
Playing MMOs for almost 12 years and I had never had an account "hacked" or anything in any game I had played either until it happened to my WoW account in December. An account that had been inactive since 2006. And no, I never received any emails from blizzard, especially ones asking me to click links (which, working in internet and network security for awhile I know better than to do... I lecture people on it all the time) I havent even been to a wow site or wow related site since 2006. I have never been to a PL service site or a RMT site either or use any kind of addons or interface mods in the games I play. I also never share my account information, not even my HUSBAND has my info, additional to that each of my game accounts uses different screen names and passwords, and my passwords are random numbers and letters, with at least 2 captial letters. I don't know how my account got hacked, I know that I did everything possible to keep the account secure, and did none of the stuff people keep insisting I had to have done for my account to get hacked and it still happened. When I called blizzard support, the rep even confirmed to me that they have seen an unusually high rate of accounts getting compromised within the last few months. I think with the sheer number of people reporting it happening its clear that hackers have somehow found another new way to come by our account info, and you can't just sit there say we are ALL stupid naive people who have no idea what we are doing, because we arent.
Haven't played WOW in years and haven't gotten a notice yet. Something happened though first with Aion then with WOW - and they must have some idea inside the industry because LOTRO put up a big notice suggesting that everyone change their passwords just to be sure they were safe.
It might be the case that some people use the same user name and/or password on other games or web sites (like this one). It could also be a closely related password.
This would explain why unused accounts get hacked...
Afterthought: e-mail addresses being used as user name doesn't make the situation better.
You are right about that, email address being the login doesn't make the situation better at all and I hated that they did that. Which is why when the switch over happened, I made a dummy email just for WoW.
All of my accounts for games/emails whatever, have different logins and passwords which I randomly make up using letter number combos with caps, so none are the same or even similar. People can say I had a keylogger all they want, but even if I did, how is a keylogger going to log a password or username I didn't type in for almost 3 years. That is 3 years and 3 computers since my account was canceled, 3 years of not going to a single wow related site and of NOT getting any kind of emails from blizzard to click on, and 3 years worth of daily virus and maleware scans that never picked up any keyloggers (before or after I tried to reactivate my account and it got hacked the day after), Keyloggers aren't so sophisticated they cant be found btw, even the first thing blizzard does when you report your account hacked is to run a basic virus scan because it will find any loggers that could be on your computer.
Again, I don't know how I got hacked, and I don't exactly place blame on blizzard or think its a conspiracy they are behind, because there are several games who are having similar issues right now, but I do find it really odd and find the sheer incline of hacked accounts to be a bit concerning, and hope that it gets noticed by the devs running these games and looked into a bit more.
Question: Has anyone's account been compromised that uses an authenticator?
(sorry if someone already mentioned this. I didn't read through the whole thread)
Never heard of it yet. The authenticator use the same devices used by some online banking systems. Luckily, it is still relatively safe. Unless hacking your WoW account can bring millions of dollars profit to a hacker, the hacker would rather not waste his time trying to beat an authenticator.
I am rather sure you would be quite safe with the authenticator. I ended up getting one after my account was hacked so I can be a bit more worry free.
Same thing happened to me. Haven't played since august. Got an email from an in game friend asking me how I was doing and wondered why I wasn't saying hello to him in game.
Tried to log onto my blizzard account and while I was able to change my password via email I was not able to go beyond that stage due to the fact someone had place an "authenticator" on my account.
I called Blizz and the rep confirmed to me that my account was being played from an IP address in China.
We went through the process of removing the authenticator so I could access the account and change my password again.
I thanked him...He thanked me and 1 hour later I get an email banning the account for "identified exchanging, or contributing to the exchange of, in-game property (items or gold) for "real-world" currency".
I'm on day 2 of straightening this all out but at no time did Blizzard give me the impression that I was going to lose the account (other than the email I got).
This is the first time anything like this has happened to me.
They told you the IP was from China? If that's true... hmmm... who was it that got hacked recently by people in China? Oh yea, Google. oO
-iCeh
Oh come, stop blaming the "user"
It is not at all impossible as well that someone leaked accounts through blizzard somehow, if someone can hack a mainframe a well known website like eBay or Amazon that probably have billions of money spent into protection (which has happened by the way). Don't you think its possible somewhere there was a screw up and someone smart enough got a lot of accounts through leaks.
I am tired of people saying oh you had a "virus, or a keylogger, or you went to a website that phished your account." Yes probably 7/10 times that is true maybe even 9/10, but it isn't always! I have had my account as well as my dad's account who we both play on different computers, hacked and compromised. We went in depth, ran every virus scan we could think of and came back with nothing found, not even a little bit of malware or something that was remotely "phishy". We are both compute programmer's as well and have been using computers forever so we are not people who just use them every now and then.
Also I am not saying that maybe it was blizzard's website that got leaked, but it could have been a website that maybe people log-in to that is somehow related to WoW. A lot of people use the same password for forums/game sites/review sites as their own account ( I fell under this category. Yes I know that was dumb of me, and I no longer do this I pretty much keep all my internet passwords seperate from game accounts, but honestly I never had a problem like this until WoW.) AND this is why I think the whole Battle.Net thing was actually a bad Idea for it to use your e-mail as your account name.
Here is why I think that... Let's say what I said above about using the same password as a forum board. That forum gets leaked and somehow someone get's access to a lot of accounts on that forum. Well now all that person has to do is look at what the password that user was using and THEN look at what e-mail they used to register to that forum. Because I don't know a single forum these days that does not require a e-mail to register. So therefore you have basically all your information for a WoW account right there. As in back before Battle.NET accounts maybe they got your password but what if you used a different login name for WoW and for this Forum. No way they were going to happen to Guess both. I am not saying I don't like Battle.NET because I think it is a great way to manage games, but I honestly think using e-mails for account names is a bad idea. This is just my 2 Cents
Oh come, stop blaming the "user"
It is not at all impossible as well that someone leaked accounts through blizzard somehow, if someone can hack a mainframe a well known website like eBay or Amazon that probably have billions of money spent into protection (which has happened by the way). Don't you think its possible somewhere there was a screw up and someone smart enough got a lot of accounts through leaks.
I am tired of people saying oh you had a "virus, or a keylogger, or you went to a website that phished your account." Yes probably 7/10 times that is true maybe even 9/10, but it isn't always! I have had my account as well as my dad's account who we both play on different computers, hacked and compromised. We went in depth, ran every virus scan we could think of and came back with nothing found, not even a little bit of malware or something that was remotely "phishy". We are both compute programmer's as well and have been using computers forever so we are not people who just use them every now and then.
Also I am not saying that maybe it was blizzard's website that got leaked, but it could have been a website that maybe people log-in to that is somehow related to WoW. A lot of people use the same password for forums/game sites/review sites as their own account ( I fell under this category. Yes I know that was dumb of me, and I no longer do this I pretty much keep all my internet passwords seperate from game accounts, but honestly I never had a problem like this until WoW.) AND this is why I think the whole Battle.Net thing was actually a bad Idea for it to use your e-mail as your account name.
Here is why I think that... Let's say what I said above about using the same password as a forum board. That forum gets leaked and somehow someone get's access to a lot of accounts on that forum. Well now all that person has to do is look at what the password that user was using and THEN look at what e-mail they used to register to that forum. Because I don't know a single forum these days that does not require a e-mail to register. So therefore you have basically all your information for a WoW account right there. As in back before Battle.NET accounts maybe they got your password but what if you used a different login name for WoW and for this Forum. No way they were going to happen to Guess both. I am not saying I don't like Battle.NET because I think it is a great way to manage games, but I honestly think using e-mails for account names is a bad idea. This is just my 2 Cents
I agree,
But problem is the fact that
Most of the people getting Hacked (WERE INACTIVE WoW owners ) whom hadnt did the WoW link to Bnet thing yet.
Thats just plain old Strange!!
My Account got hacked after I quit WoW, which was before the Bnet merge. They way I found out was when I decided to come back to wow, and got the message about the account info invalid.
I dont use the Same PW for my Account. That info was totally Random compared to the other Emails and PWs I use. I wana know how the Hacker get thsi info, if I never loged it to play WoW.
I wana know what Blizzard is going to do about this. This seems bad.
Oh come, stop blaming the "user"
<<snip>>Here is why I think that... Let's say what I said above about using the same password as a forum board. That forum gets leaked and somehow someone get's access to a lot of accounts on that forum. Well now all that person has to do is look at what the password that user was using and THEN look at what e-mail they used to register to that forum. Because I don't know a single forum these days that does not require a e-mail to register. So therefore you have basically all your information for a WoW account right there. As in back before Battle.NET accounts maybe they got your password but what if you used a different login name for WoW and for this Forum. No way they were going to happen to Guess both. I am not saying I don't like Battle.NET because I think it is a great way to manage games, but I honestly think using e-mails for account names is a bad idea. This is just my 2 Cents
That is just one possible scenario that few people understand is a possible way their account was compromised.
However, the result is still the fault of the user. They chose their name and password. Reusing passwords all over the internet isn't safe. Chosing a login ID that you regularly post on the internet isn't safe.
Blizzard changing the account policy to require an email just made this situation worse, but in the end it is the fault of users not being responsible enough with their login details. Direct fault of their own or not, they are the ones who left the pieces of information laying around for a clever person to piece together.
same thing im experiencing, I just got my Bnet account and when I tried to add WoW it said it was already linked to another account... like wtf