I received this email earlier this evening and initially thought nothing of it - I figured it was a phishing scam as usual so I ignored it. That is, until I tried to log in to Diablo III for the first time in about a month. Invalid password...hm, that's weird.
I went to Battle.net and tried to log in...no such username/password combination. I tried to tell Blizzard that I forgot my password, but now my Battle.net registered email doesn't exist, so I had to go for the "I think my account got hacked" route. Oh, guess what...the answer to the secret question now isn't working either, and all of my Blizzard games were purchased digitally so I can't even give them the first six digits of one of the game codes to verify who I am.
What am I left with? I opened a support ticket and sent them a scan of my US Passport.
Here are some details:
- I recently changed my information when prompted to do so after Blizzard's most recent security breach. I did this my opening a web browser and going to Battle.net...on a Mac.
- I changed my password yet again about two weeks ago to something that I don't use for anything else that was a combination of letters, numbers, and special characters.
- I had an Android authenticator and SMS authentication attached to my account and have since the day I purchased D3.
- I am extremely careful about my computers and information. There is virtually no possibility that my login information was stolen with either a keylogger or trojan. I also am well aware of phishing scams and the like and have never revealed or even typed in any of my security information, and no one I know knows my password or could have guessed it, either.
So, there we are. I have no idea how this happened and I was as protected and careful as I possibly could have been, yet was still hacked. I haven't even played Diablo III in over a month. Great job Blizzard - get your crap together.