Battle.net and the Heartbleed Vulnerability


Blizzard and Battle.net security was *not* affected by the world-shaking Heartbleed OpenSSL security failure, but Blizzard suggests you change your Battle.net password if you use the same password for any of the millions of sites that were compromised.

Many news sites are reporting a vulnerability (dubbed the Heartbleed bug) discovered in OpenSSL, an encryption technology used by a majority of websites and online services—including banks, email providers, and social media sites—to protect sensitive data as it’s transmitted from users to web services.

We want to emphasize that Battle.net’s encryption was not affected by this vulnerability. However, if you use the same password on Battle.net that you use elsewhere, your Battle.net account could be at risk if those sites were affected by this bug.

If the above situation applies to you, we recommend changing your Battle.net password to a new, unique password. As always, we recommend that you maintain separate login credentials for each online service you use. Using the same email or password across multiple services greatly increases the potential impact of any compromise.

More information about the Heartbleed vulnerability can be found at http://heartbleed.com, and you can find additional information on how to protect your Battle.net accounts at http://www.battle.net/security.

If you’re wondering which sites were affected by this, the answer is damn near “all of them.” Not Battle.net, but passwords should be changed for Facebook, Twitter, Pinterest, Yahoo, Google and Gmail, etc. Mashable has a nice rundown of the major sites that were hit, or not, and IncGamers has a good “what now?” article to talk you through the stages of grief.

Tagged As: | Categories: Battle.net, Blue Posts, Security

Comments

You're not logged in. Register or login to post a comment.
  1. I noticed this site couldn’t be bothered with ssl. I guess this sort of news isn’t going to be very encouraging.

Comments are closed.