Patch 5.2 interview with Dave Kosak
Inside an old alt's vault
The latest patch 5.2 news
All of the latest Mists of Pandaria newsAccount Administration encouraged not to restore hacked characters
by Adam Holisky 
Jan 8th 2010 at 11:00AM
Please see the update to this original post.
If the player does not accept this care package, they are then forced to go into a character restoration queue that is consistently several days to weeks long. According to sources familiar with the situation, this "care package policy" has been implemented in order to lighten the work load of those Blizzard employees who perform account restorations. Similar policies have existed at other times account compromises have been high, such as during the transition from Vanilla WoW to The Burning Crusade.
This care package being offered consists of the following:
- 2,500 gold
- 2 Emblems of Frost
- 10 Emblems of Triumph for every day the players has had to wait to receive the care package
WoW.com believes that this practice, while potentially making some sense logistically, stands firmly against the best interest of the players. Sources that we have spoken with tell us most account administrators do not agree with this policy, however their hands are tied due to Blizzard management (it is their job, after all, and they have to do as they're told).
WoW.com believes Blizzard can do a better job at solving long restoration queue times without placing player's hard work as a secondary concern. Instead of offering players a care package, Blizzard can employ more staff, and as we will discuss in a later post, train those staff in better ways to prevent account compromises and exploitation. The serious consideration given to mandatory authenticators is also part of this solution.
Filed under: Blizzard, News items, Account Security
Reader Comments (Page 20 of 21)
onecentsmrt8563 Jan 8th 2010 6:58PM
Or, you please list your sources that say the majority of compromises were from smart individuals being hacked from a compromised site that is usually a very trusted and upstanding site.
Occam's Razor, the simplest explanation is the most likely one. Either lots of people are gullible suckers, morons, or unable to comprehend the internet or lots of trusted websites are being hacked constantly.
The problem has not gotten worse, actually. I'd ask you to reference your source for that, but I know you don't have one. The number of hacked accounts has not changed significantly at all recently. If anything, there has been a slight increase that directly correlates to the increase in active accounts, which is nothing to worry about. For the record, I can find you multiple official Blizzard responses proving this, but I'll wait for you to give me something credible that you think proves your side.
jair Jan 8th 2010 7:16PM
Please read my post again, I never stated I know anything about how many are hacked and for what reason. I only asked how you knew. I have no sources, because I have no idea. I'd just like to think that players are getting smarter, not dumber.
Pretty much agree with your second part.
I have been under the impression, potentially incorrectly, that hacking has been a growing, not steady, problem. It ebbs and flows at times, but is currently growing. I could be wrong, I have no sources, other than what i have read here, on other forums, and in conversation with fellow players. I could be wrong in that assumption. I have -zero- official sources to back this up. I would question whether a blue poster would be 100% honest and forthcoming about the state of account security, however. Posting a 'sky is falling' message in the forums would lose customers. I know I've never worked for any place that has aired its dirty laundry to the customer.
Finally, personally I would look at it this way: Even if hacking cases are staying steady, if the percentage of players with authenticators is increasing nominally, which I believe is the case, hacking issues should be decreasing. If they are not decreasing, then more work must be done to fix this problem.
I have no official sources for any of this, it is only my opinion!
Brantor Jan 8th 2010 7:00PM
Ive always found it very simple to keep your account safe. I don't use a authenticator, but only because I am very cautious about what I say and do while playing WoW. And many of the people who are severely hacked aren't as cautious as they should be. They freely give out there information to websites that offer gold or power-leveling. Or even that spam mail you get in game about claiming your gift at a specific website, specifically what Blizzard has warned players before about how they never contacting via in game mail, only through a secured email address. I don't see how Blizzard can make it any simpler for a safe experience. Just follow the rules that Blizzard has laid out to help you avoid this situation. Don't buy gold, don't power level, and don't do things that Blizzard has warned every player multiple times.
johnh Jan 11th 2010 6:16AM
Well...the bad news is this...I always considered myself an intelligent and fairly computer savvy hardcore gamer. I never fell for any of those stupid advertisements..never even went to a website that sold gold, and never shared with ANYONE any account information...and last night i was HACKED. There is the remote possibility that I was keylogged I suppose, but i believe there is a hole in battle.net they have figured out how to exploit. They were able to change my password without using my email, and at one point two of my toons were standing right next to each other. I had friends watching as this all happened. If, i was not keylogged, and, there is always a possibility that i was, despite how careful i am, then this is true HACKING ladies and gentlemen. I am all for mandatory authenticators if they include it in the game package or give existing players one. I will definitely use one from now on. BTW...I was able to sort of stop them by finally managing to change the password by email and then startling them by walking up to them with my other toon. I was able to cancel about half the auctions. But all of my soulbound high level gear had already been vendored and was long gone. Good news is the HACKER deleted all of my friends and put the toon he mailed the gold to in my friends list so he could mail faster. He left so fast, that he forgot to delete his toons name. GOTCHA!
nic4rest23 Jan 8th 2010 7:19PM
blizzard needs more money..they gave people your info to get hacked so you'd be forced to buy a authenticator. its true.
Sleutel Jan 8th 2010 7:32PM
Christ on a crutch, Blizz. You're raking in money hand over fist, and instead of setting some of those profits aside to improve the service that your customers pay for, to RESTORE IT TO THE LEVEL it was at before this further leap in popularity, you look for quick and easy ways to weasel out of providing it?
Sigh.
onecentsmrt8563 Jan 8th 2010 8:01PM
Do you enjoy reading titles of posts and maybe the first 1 or 2 lines and then ignoring the rest before posting? Here's an idea, read the whole issue. No one told AA to not restore accounts, no one is being forced into this pre-designed restore. Its 100% option and if you don't like the idea, then instead of acting childish and complaining you can just say "No" and they'll restore your account like normal.
They're trying to cut down on queue times and people like you still find something to complain about.
Sleutel Jan 8th 2010 8:53PM
@onecentsmrt8563:
Do you enjoy reading maybe the first one or two lines of comments and then seeing what conclusions you can jump to?
I realize that Blizz is offering this as an ALTERNATIVE to a full account restoration. However, the fact remains they're doing this rather than ACTUALLY ADDRESSING the problems that are causing unacceptably long queue times for restoration and other issues that require a GM's attention. People who don't accept this terrible excuse for a sop are stuck with ridiculous wait times to have their characters restored to the state they should be in.
When was the last time you opened a ticket and got back anything but that "We're experiencing an unusually high volume of tickets" message? It's not an unusual volume: it's the new standard. But Blizzard has yet to adjust their staffing accordingly.
Nasgul Jan 8th 2010 8:11PM
In situations such as this, broad, sweeping generalizations do much more harm than good. You simply cannot state that every person that gets hacked deserves it for not protecting their account. Yes, it is quite stupid to walk into a serial killer's home and start shouting obscenities, or to leave their door wide open while away from the home, but just because you can draw parallels between those courses of action and getting hacked, does not mean that they are accurate.
I can just as easily say that getting conned into giving away your account information is the equivalent of being goaded into giving out your social security number or bank account information. It may make you feel more secure to say that the victim was an idiot and thus deserved to lose something that they didn't take the proper steps to protect, but there is legal precedence that proves that the majority of our society is of the belief that the victim of a malicious act is not at fault simply because they could have done something differently.
When a con artist bilks a gullible mark out of their hard earned dollars, it is a crime. The con artist is a criminal, and the victim, although maybe not the sharpest tool in the shed, deserves justice and, where possible, reparations from the criminal. It amazes me how such a simple concept can be turned on its head for the sole purpose of providing a security blanket to the uninformed. Put a little thought into what you are saying, if someone is raped, or murdered, no matter the extent of their own missteps, that still makes the aggressor a rapist or murderer.
When someone's account is hacked, they are still the victim of a crime, and the fact that Blizzard recognizes this and is making an attempt to justify a wrong that they are not necessarily guilty of committing, or allowing, is not representative of anything except intelligent business in regards to customer service. No, they don't have to offer anything to victims of hacking or account theft, but they do, because in the long run the beneficial effects of helping those who are screwed by the many scammers vastly outweigh the cost of the extra customer service.
In short, don't blame the victim, do feel free to educate them, and certainly don't fault Blizzard for taking the extra steps necessary to ensure the continued success of their product.
Robert Staszek Jan 11th 2010 5:01PM
WOW, I just had my account hacked on Dec. 13th.... I didn't get it back until Dec. 26th. However, Blizz was able to restore EVERYTHING. I was also a Co-GM and I got everything back from the Guild Bank too. Looks like I got my request in just in time.... Thank goodness my Authenticator is on it's way.
kate Jan 8th 2010 9:57PM
The headline has got to be one of the most misleading I have read outside a tabloid newspaper. Has wow.com been taken over by News International?
You'd have to have your head in the sand not to realise that the GM queue has been growing exponentially lately. This is merely Blizzard's attempt to shorten it. This benefits everyone.
Regarding "SLAP IN THE FACE" comments, I think a lot of people with geared-up 80s forget the state that 90% of the players on their server are in. For them, the care package would be a massive upgrade. Ultimately, no-one's being forced to take the 'care package'. If you want a full restore, just reject the offer.
BlazeEagle Jan 8th 2010 11:29PM
Sometimes it IS the victims fault that their account gets compromised & to claim otherwise is pure naivete & bull! For a simple example, Having ones log in credentials written on a sticky note stuck to the side of their screen IS the victims fault.
Even being tech savvy is no guarantee a player is completely safe from an account being compromised. Some folks experience makes them arrogant & their brain deteriorates & they get a false sense of security.
Usually, Being experienced & knowledgeable helps to keep one reasonably safe but everyone makes mistakes at one time or another.
This is a case by case issue.
Penzo8890 Jan 9th 2010 2:13AM
This is completely wrong. First all of Account Administration has NOTHING to do with the restoration process. This character restoration "care package" will only speed up the restoration process if you choose to accept it. If you decline this package, you will go back into the queue right where you left off. You won't miss any time whatsoever. Not sure where you get your information, but its completely miss. Stop posting retarded shit like this whenever Blizzard actually does a GOOD move for you fucking morons who get compromised 5 times in a month.
acharenus Jan 9th 2010 2:46AM
Sure would be nice if bliz shipped to where i live, or if bliz could stock enough authenticators even if they did.
Everyone who preaches the virtues of authenticators should really step back and think about it for a moment, these things don't grow on trees.
Having said that i've never been hacked though many of my guildys have i've also done stupid shit before, followed links i shouldn't have. I'm lucky but i thank firefox and no script for my accounts continued security.
Yukazi Jan 9th 2010 3:31AM
So, theoretically I could get 600 Emblems of Triumph on my old T7 Warlock that I still can't access? I must investigate!
Ronin Jan 9th 2010 12:53PM
I really don't understand the tone of this article. All Blizz is doing is offering the "Package" as an option to those who prefer it to waiting in the queue to get their characters restored. Yet the article makes it sound like Blizz is trying to deny account restorations. Not very responsibly written, IMO.
wow Jan 9th 2010 1:55PM
WOW (no pun intended) you people have some ideas on how this stuff works.
This one takes the cake:
"Wal-mart doesn't replace my TV if I hand it to a burglar, Blizzard shouldn't replace your gear/items/gold/badges if you hand them to an account thief."
Uhh let me CORRECT your analogy to be more "accurate" for you.
Walmart keeps your TV "IN" walmart. all you get is a "code" to access the walmart room where your TV is stored.
Someone hacks your "code" and walmart PERMITS them to USE your code even though they are not you and they steal your TV "FROM" the walmart storage room.
NOW who is at fault?
THATS a more correct analogy for you.
Security should be pretty easy. Require people to REGISTER their IP address and mac address. If you attempt to access from a different IP or MAC you need to register those and prove its you. This authenticator thing should work quite nicely for that.
you log in. Error your IP or MAC is different please enter your authenticator code to continue.
when a COMPANY stores the data the COMPANY should be responsible for that data.
I have no say in Blizzards security. I have no say in where my WOW data is stored I have no say in any of that so I should have no fault in its loss (save for gross neglect)
SpamKiller Jan 9th 2010 4:17PM
Really? Man, tons of people who haven't had their account hacked seem to have the answer. I just got hacked on Monday night and it really sucks. All my gold, items, two toons transfered and stripped, etc. i am a IT professional and have been in the business over fifteen years. I teach classes at a local college on computer\network security. I got hacked, don't think you can't! Is this my fault? Hardly. I cannot come up with a reason why it would be. I understand compromises and how social engineering works. i don't play that game and know all the signs of someone on my network or pc at that matter.
I do wish i would have gotten the authenticator before now. Blizz assures me that i will get my toons and stuff back but at what price? I don't feel safe playing anymore or know if i actually will continue to play. Who knows how this happened. I cannot figure it out. One of my long time Wow buddies brought up the idea that maybe its all just a conspiracy... Think about that for a moment. Who really benefits from tightening up security with selling $6 key fobs?....
ChromeBallz Jan 9th 2010 5:11PM
While it's true that you can't be 100% safe against hacking even if you tak precautions, it is true that the vast majority of people who do get hacked are not running an AV or firewall and usually are very eager to open any and all mails they get from "friends". In at least 90% of the cases it's a simple matter of not bothering to know enough about computers.
This is something i see a lot with friends of mine, even people who fancy themselves "experts" (they usually just play a lot of games). Their computers are riddled with spyware because they don't bother to take even the simplest precautions, and they usually don't bother to delve a little further into things like account security. If they get a mail from a scammer which looks "Blizzard"-y enough, they will follow the link and "log in" to get their reward.
Even though a lot of people will never admit it, it's almost always their own fault when something goes wrong with their computer, whether it's account theft or anything else. I know that personal experience doesn't count for much apparently, but i can tell you that in the last 10 years i could trace back every single thing that went wrong on my PC's to something i did myself. I like to consider myself as an advanced user, and if i am constantly making mistakes, what would you think novices are doing all the time and blaming everyone else for?
Making authenticators mandatory helps, but it would help a lot more if everyone took a refresher course on how to use a computer properly.
GEK Jan 9th 2010 5:21PM
I never got hacked, then again im not stupid.