To all Battle.net account holders, now might be a good time to change your account password. In a post from the Blizzard website, Blizzard President Mike Morhaine said that a network breach was detected this week.
However, Blizzard found no evidence to suggest that user account information has been compromised, although a list of email addresses for global Battle.net users excluding China was accessed. In addition, the answer to the personal security question and information relating to Mobile and Dial-In Authenticators were also accessed. Finally, “cryptographically scrambled versions” of Battle.net passwords (not actual passwords) for players on North American (which includes Malaysian players) servers were taken.
However, unlike the lax security measures taken by both Amazon and Apple, the information that were accessed are not enough for hackers to gain access to individual accounts. Blizzard uses Secure Remote Password protocol (SRP) to protect these passwords, which is designed to “make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually”.
Therefore, while there is a high chance that these Battle.net accounts might not be hacked into, some preventive measures such as changing your account passwords will eliminate the chances of your account being hacked completely.