@AiurFlux said:
August 4th this happened, we hear about this on the 9th, and even then it still isn't listed on Blizzard's main site page. Fucking disgusting. I know I should blame the hackers but when a company charges for a goddamn authenticator AND doesn't notify its customers that an intrusion took place until 5 days later I really really have a problem with that company. I don't fucking care if they didn't know what was compromised; the simple fact is that an intrusion took place and they should HAVE to notify their customers on the day that it takes place.
I'm getting sick of this shit. Now I have to monitor my finances, website accounts, and my email account all because they're fucking morons more interested in saving face rather than looking after their customer.
I'm going to say it now, there needs to be legislation in the United States, Canada, the EU, the UK, and everywhere else that states when a company experiences any digital intrusion of any kind they must inform their customers at once. Period. If they don't they should face harsh fines upwards of 100,000 dollars. No more of this waiting for 5 days bullshit. It isn't fucking right, and they're only doing it because they want to preserve their value on the NYSE.
I wish someone in this thread would put the facts together instead of going off like a crazy person here. Blizzard responded in an extremely measured way here. They first went into lockdown, which is what you do. It sounds like they saw this in near real-time, which means that they have reasonable protections and effective monitoring in place. They then, after completing what was likely an insanely complicated assessment of the situation, explained this to their customers.
It is counterproductive to require any firm to immediately inform on a breach because that can indicate a current vulnerability. This is why software firms avoid announcing compromises for their software until they patch them.
Here is what happens in a typical security incident protocol:
- The system is locked off from the outside, accounts and sessions are killed, etc...
- An assessment of the means of entry is done and any security holes closed, while
- a copy of the compromised systems is made immediately to preserve the system in its current state. This includes write-blocked drive imaging, any external system log aggregation, etc...
- Forensics begin on a write-blocked copy of any images that were taken of servers and logs are reviewed
- An early assessment is made of the data that was available on the compromised machine(s) and combined with a network traffic assessment to assess what may have leaked
- Appropriate law enforcement is contacted, based on the initial compromise assessment
- If any regulated data is found, the appropriate regulatory agencies are contacted
- After continued assessment of the state of the entire environment, a more in-depth assessment of the compromise is done and a communication plan is prepared
- Communication to affected parties happens
What's important here is that it sounds like the way in which the passwords were stored is extremely secure and is probably close to computationally infeasible to crack. Here is what can happen now:
Someone can, knowing your email address and secret question, request a password reset that will be sent to your email. That is all. From the information that Blizzard released, there is no way that people can log into your account with the information they have gained from this compromise without accessing your email account, which is another item that would have delayed the announcement.
Also, this was an impressively fast response from such a huge company.
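What "stored so that cracking is computationally infeasible" means in practice, as an added illustration that is not Blizzard's actual scheme (the thread does not describe it): a per-user random salt plus an iterated key derivation such as PBKDF2 forces every offline guess against a leaked record to redo the full derivation, and the salt rules out precomputed tables. Parameters and sample passwords below are constructed for the example.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# Constructed parameters for this example; not Blizzard's real settings.
ALGO = "sha256"
ITERATIONS = 100_000
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: scheme$iterations$salt_hex$key_hex."""
    salt = salt if salt is not None else os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac(ALGO, password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_{ALGO}${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-derive the key from the stored salt/iterations; compare in constant time."""
    scheme, iterations, salt_hex, dk_hex = record.split("$")
    algo = scheme[len("pbkdf2_"):]
    dk = hashlib.pbkdf2_hmac(algo, password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


def guess_cost(record: str, sample_guesses: int = 20) -> float:
    """Seconds one CPU core spends per offline guess against this one record.
    Each guess must redo the whole PBKDF2 loop with this record's own salt."""
    _, iterations, salt_hex, _ = record.split("$")
    salt = bytes.fromhex(salt_hex)
    start = time.perf_counter()
    for i in range(sample_guesses):
        hashlib.pbkdf2_hmac(ALGO, f"guess{i}".encode("utf-8"), salt, int(iterations))
    return (time.perf_counter() - start) / sample_guesses


if __name__ == "__main__":
    rec = hash_password("correct horse battery staple")  # constructed sample
    print(rec)
    print("correct password verifies:", verify_password("correct horse battery staple", rec))
    print("wrong password verifies:  ", verify_password("password123", rec))
    per_guess = guess_cost(rec)
    print(f"~{per_guess * 1e3:.1f} ms per guess on one core; "
          f"1e9 guesses would take ~{per_guess * 1e9 / 86400:.0f} days")
```

Two records for the same password differ because of the salt, so a leaked table cannot be attacked with one precomputed dictionary for all users.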