Gawker hack prompts Blizzard to issue password reset

Earlier we reported these emails as phishing attempts. This turned out to be incorrect. At the time these emails were received by members of our staff, there was no word from Blizzard on them, and attempts to phish WoW account passwords are common after well-known hacking attempts.
Nonetheless, it is imperative that everyone uses an authenticator and practices good password security. Always check where a link actually leads before you follow it, and don't use the same password for multiple sites -- especially for your WoW account. If you do have an account with a Gawker website, it's recommended that you reset your Battle.net / World of Warcraft password.
Blizzard's full statement after the break.
As some of you know, several Gawker Media websites, including Gawker, Gizmodo, Kotaku, Lifehacker, Jezebel, io9, Jalopnik, and Deadspin, were recently compromised. To help minimize the effects of this compromise -- namely for players who might be using the same login information for their Gawker Media accounts and their Battle.net accounts -- we recently issued password-reset emails for several accounts. If you've received an email from Blizzard Entertainment requesting a password reset as a result of the Gawker Media compromise, please click on the link included in the email's body to choose a new password. You can also log in to Battle.net Account Management to reset your password on your own ( https://us.battle.net/account/management ).
If you used your Battle.net email address to sign up with any of the Gawker Media sites listed above (for example, to post comments), we also recommend that you update your Battle.net email address as soon as possible via Account Management. If you are unable to complete this step or the password reset and believe your account might be compromised, please contact our customer support staff by using the Account Recovery Form ( https://us.battle.net/account/support/account-recovery.html ) and be sure to check out our Account Security Awareness guide ( http://us.battle.net/en/security/ ) for additional security tips and suggestions.
For more information about this situation, please visit Gawker Media's official announcement ( http://gawker.com/5713056/gawker-security-breach-were-here-to-help ) or Lifehacker's comprehensive FAQ ( http://lifehacker.com/5712785/faq-compromised-commenting-accounts-on-gawker-media ).






Reader Comments (Page 1 of 6)
Amaxe Dec 15th 2010 12:06AM
Hmm, I found myself wondering if the people getting these emails might think they were phishing and delete them.
VioletArrows Dec 15th 2010 2:25AM
I did. It's like, I checked the header, and I kept looking, and even though everything checked out, they violated their number one friggin rule. :/ And then sent it to people who are already paranoid and on edge because shenanigans are already happening on other accounts?
Yeah, don't really care if it was real. Better safe than sorry.
Urza Dec 15th 2010 7:55AM
Probably, I know I would have. There shouldn't have been a link in the email though, Blizzard should have just given people text instructions on what to do.
Dave Dec 15th 2010 9:03AM
The mailer address and sent by fields are really tough to forge. Moreover, the address provided was a battle.net address. That mail was authentic. When I first saw the post on the phishing attempts I thought they used a valid email instead of the phishing attempt email...
By the way, Google highlights valid links.
hoss Dec 15th 2010 9:25AM
Email headers are easy to forge if you know how. Sure the IP addresses can't be forged but you can easily change the from address and name to your liking.
Blizzard should not put links into their emails for their players, they can easily explain where to go and we should be capable of acting on those instructions.
Winter Dec 15th 2010 1:49PM
I deleted the email, even though everything looked correct. I know headers can be faked for all that it's difficult -- after all, the hackers were skilled. Then I opened a whole new window, logged into Battlenet from there, and made the changes I thought best.
Basil Berntsen Dec 15th 2010 2:08PM
I didn't delete their email, but I sure as heck didn't click on any of the links, even when they appeared to be completely legit when I "copy link location"-"paste into notepad"-ed them.
Spark Dec 15th 2010 2:08PM
-----
Dave Dec 15th 2010 9:03AM
The mailer address and sent by fields are really tough to forge...
-----
Those are trivial to forge. It is harder to hide the real source of an email as reported by received headers. But spammers do forge those as well in an attempt to obfuscate the source. Then it becomes a game of tracing back the mail handlers that you (think you) can trust and stopping where the trail becomes questionable. I hazard to guess that a relatively small percentage of people know to do this much less realize it's possible. And even then, it requires some technical knowledge to understand what one is reading and where the trail becomes bogus. The general rule of thumb is that unencrypted email is less trustworthy than a postcard.
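The trace-back described in the comment above, as an added example that is not part of the original thread: it reads the Received headers newest-first and stops at the first hop that was not recorded by a server the recipient runs. The message, host names and the trusted-host list are constructed placeholders.

```python
import email
import re

# Constructed sample message; every host and address is a placeholder.
RAW = (
    "Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])\n"
    "\tby mailstore.recipient.example with ESMTP; Wed, 15 Dec 2010 00:01:03 +0000\n"
    "Received: from unknown-host.example (unknown [203.0.113.77])\n"
    "\tby mx.recipient.example with ESMTP; Wed, 15 Dec 2010 00:01:02 +0000\n"
    "Received: from mail.sender.example (mail.sender.example [198.51.100.5])\n"
    "\tby unknown-host.example with SMTP; Wed, 15 Dec 2010 00:01:00 +0000\n"
    "From: Account Team <noreply@sender.example>\n"
    "Subject: Password reset\n"
    "\n"
    "constructed body\n"
)

# Mail servers the recipient operates (assumed names for this sketch).
TRUSTED = {"mailstore.recipient.example", "mx.recipient.example"}

# "from <claimed name> (<rdns> [<peer ip>]) by <recording host>"
HOP = re.compile(r"from\s+(\S+)\s+\((?:\S+\s+)?\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")


def trace_received(raw, trusted_hosts):
    """Return (verified_hops, unverified_count).

    Each relay prepends its own Received header, so the first header is the
    newest. A hop counts as verified only while the recording ("by") host is
    one of ours; everything below the first other host is sender-supplied.
    """
    msg = email.message_from_string(raw)
    headers = [" ".join(h.split()) for h in msg.get_all("Received", [])]
    verified = []
    for index, header in enumerate(headers):
        match = HOP.search(header)
        if not match or match.group(3).lower() not in trusted_hosts:
            return verified, len(headers) - index
        verified.append({
            "claimed_name": match.group(1),
            "peer_ip": match.group(2),
            "recorded_by": match.group(3),
        })
    return verified, 0


if __name__ == "__main__":
    hops, unverified = trace_received(RAW, TRUSTED)
    print("last verified peer:", hops[-1]["peer_ip"], "| unverified hops:", unverified)
```

The peer IP in the last verified hop is the only sender detail the recipient's own server observed. A forged header can also name one of your hosts in its `by` field, so a production check would also compare each hop's peer IP against your known relay addresses.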
Elmouth Dec 15th 2010 8:32PM
I got one and my GF got one.
Unless I
1) Can't login
2) Get a Blue pst in-game with a clear GM tag and a GM chat window message
3) Get a phone call from blizz
I don't touch any email that pretends to have anything to do with wow.
And guess what, I've never been hacked, and my account has never had any trouble despite the millions of "Urgent" blizz mails I received in the last 4-5 years.
My GF on the other hand, I have to almost tie her up to keep her from spoon-feeding her infos. Some people are just a shitload more gullible than others, it's ridiculous.
RK Dec 18th 2010 12:02AM
If you want to check your username or email address you can do it at
http://www.proto6.com/gawkcheck.php
George Dec 15th 2010 12:06AM
UGH! Blizz, c'mon, Really?
"please click on the link included in the email's body to choose a new password."
NO! Oh, God, please no!
Never, EVER click the link in the email Ever! EVAR!!!!!11111one!
Type "us.battle.net" into your address bar MANUALLY. Never take it for granted that that link goes to where they want you to think it does!
Magma Dec 15th 2010 12:22AM
If you check to be sure, the link would be fine.
brian Dec 15th 2010 1:34AM
Irony, really. After all the warnings Blizzard has given people about how to deal with phishing emails...
Couldn't they have worded that a little differently?
Sleutel Dec 15th 2010 1:44AM
Hahaha, I was scrolling down to post the exact same thing. Here they are, pushing account security... by encouraging some really terrible practices.
They definitely should have included a detailed explanation of how to reach the password reset option from the site, instead--accompanied by a reminder to never click links in emails to things that will ask you to enter your password.
Facepalm.
REDMJOEL Dec 15th 2010 4:16PM
Actually, checking is not sufficient, as there are many characters in the Unicode set that look identical. There are for instance two a's -- the second is located at 1072.
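A check for the lookalike-character problem raised in the comment above, as an added example that is not part of the original thread: it lists every non-ASCII character in a link's host name with its code point and compares the host's ASCII (IDNA) form with the expected host. The two sample links are constructed, and `inspect_link` is a hypothetical helper name.

```python
import unicodedata
from urllib.parse import urlsplit

EXPECTED_HOST = "us.battle.net"  # host named in the article


def inspect_link(url, expected_host=EXPECTED_HOST):
    """Report non-ASCII characters in the URL's host and its ASCII wire form."""
    host = urlsplit(url).hostname or ""
    # (character, decimal code point, Unicode name) for each non-ASCII character
    non_ascii = [
        (ch, ord(ch), unicodedata.name(ch, "UNKNOWN"))
        for ch in host
        if ord(ch) > 127
    ]
    try:
        # The form that is actually sent in DNS queries ("xn--..." labels).
        wire_form = host.encode("idna").decode("ascii")
    except UnicodeError:
        wire_form = None
    return {
        "host": host,
        "wire_form": wire_form,
        "non_ascii": non_ascii,
        "matches_expected": wire_form == expected_host,
    }


# Constructed sample links: the second replaces the Latin "a" with the
# character at code point 1072 (U+0430), which renders almost identically.
GENUINE = "https://us.battle.net/account/management"
LOOKALIKE = "https://us.b\u0430ttle.net/account/management"

if __name__ == "__main__":
    for link in (GENUINE, LOOKALIKE):
        result = inspect_link(link)
        print(result["wire_form"], result["non_ascii"], result["matches_expected"])
```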
Kylenne Dec 15th 2010 3:08AM
That was what actually prompted me to ignore it as a phishing email when I got it.
Bynde Dec 15th 2010 10:59AM
Yeah, I thought the same thing and deleted the email. Didn't even question that it might be for real. That they wanted me to click a link indicated to me it was not legit, so they're gone.
My password for gawker is not even remotely the same as the one I use for battle.net
But, I suppose it's time for me to change it anyway. Still...bad move, Blizz.
bughunter Dec 15th 2010 6:32PM
Type "us.battle.net" into your address bar MANUALLY. Never take it for granted that that link goes to where they want you to think it does!
I did that, and went to the reset page, and reset my password there... and then was unable to login for 36 hours, presumably because battle.net authentication servers can't handle nested resets, or perhaps the load of so many resets FUBARed the process.
Anyway, Blizz customer service was no help, and treated my request for them to fix the mess as a report of a hacked account. Now my account is locked down.
And my WoW password is not shared with any other account, person, nor is it even written down. PLUS, I have an authenticator.
The whole farking password reset was unnecessary to begin with... and now my account is locked because of their total, utter stupidity. I'm pissed, to say the least.
toofat2serve Dec 15th 2010 7:02PM
That certainly sucks, but has nothing to do with the quote you used. Clicking the link, even with it being legit, and performing the same action would have yielded the same result.
Awesome McAwesome Dec 15th 2010 12:13AM
Mousing over links to check if they're legit is hard.