Tag Archive | Blizzard Entertainment

Blizzard Lawsuit Over a Data Breach

Blizzard has been in a lawsuit about data breaches and authentication issues, among data leakage. We’ve seen spam incidents before, so it’s no surprise the trouble that Blizzard has had maintaining user data.

A group of customers is suing gaming giant Blizzard Entertainment in connection with a data breach in August that resulted in user email addresses, hashed passwords and other information being stolen by attackers. The suit claims that the company did not do enough to secure users’ accounts before the compromise and that the company now is forcing users to pay for a two-factor authentication system to increase the security on their accounts.

The data breach was discovered in early August and Blizzard, which makes a number of popular online games, notified customers within a few days. The company was not specific about the timing of the breach discovery, saying only that its security team had discovered the breach that week.

“At this time, we’ve found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed,” the company’s CEO, Mike Morhaime, said in a statement at the time. – Read more on threatpost

The latest updates on Blizzard also include a cleanup of the situation.


Blizzard & WoW Spam Returns with IP Warnings

The latest Blizzard spam returns with some IP warnings involved:

Click to Enlarge

Here is the full text (links removed):

Dear customer,
This is an automated notification sent from our account security system. You logined your account successfully at 4:27  on July 11th form the 125.87.108.* range, but our system shows the 125.10.151.* IP range exists a large number of hackers. As too many customer complaints, the 125.98.104.* IP range has been blacklisted.
We are concerned about whether your account has been stolen. In order to guarantee the legitimacy of your account, visit click:
website fill out some information to facilitate our investigation.
Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives will typically lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.
Blizzard account system
Blizzard Entertainment
As you can see, I changed the HTTPS to HXXPS, so the link doesn’t resolve (did it below, too). Anyway, that password verify link actually points to this address once clicked (please do not visit): hxxp://eu.battle.net.login.security.inspection.worldofwarcraft.xml.zh-ted.in/login.html?app=wam&ref=hxxps://www.worldofwarcraft.com/account/&eor=0&app=bam/
This is obviously a phishing attempt to try to get World of Warcraft logon information. With the email, it makes false claims and grammatical errors. The false claims are to attempt to persuade you into believing it is the real Blizzard Entertainment.
However, here is what to look for in a fake Blizzard email, that Blizzard would never ask for in the first place:
  • Any displaying of an IP address is immediate red flag. Blizzard would never post an IP address to an email.
  • Displaying of any password in an email, unless it is a confirmation email sent from Blizzard IMMEDIATELY after you register.
  • Displaying of birthdates, server locations, etc. would not be a commonality in Blizzard emails.

If you receive an email that seems to reveal information that should not be revealed, delete it! It is probably spam. After all, if Blizzard really wants to get through to you, they would ask you to contact customer service…not verify your password online.

The sender of the email had an IP address of – which can be blacklisted.

Seeing that it isn’t on most blacklists (thanks to WhatIsMyIPAddress.com:

Control spam now with SurfRight Antispam, makers of HitMan Pro secondary opinion malware scanner.

%d bloggers like this: