This site makes extensive use of JavaScript.
Please enable JavaScript in your browser.
Live
PTR
10.2.7
PTR
10.2.6
Beta
Wowhead membership database may have been compromised
Post Reply
Return to board index
Post by
562522
This post was from a user who has deleted their account.
Post by
Malgayne
We're looking into this right now, trying to find any signs of compromiseānothing yet. Has anyone else experienced something similar?
What was the phishing site?
Post by
562522
This post was from a user who has deleted their account.
Post by
Malgayne
Please send the full header of the email to me at malgayne@wowhead.com so I can take a look.
Post by
562522
This post was from a user who has deleted their account.
Post by
Federalagent
FYI: I have not received anything..... Yet.....
Post by
562522
This post was from a user who has deleted their account.
Post by
Shelireih
I've received no such mail, just an FYI if it's important.
Post by
Federalagent
THC... I suspect this might be a virus on your computer. There are viruses that are programed to specifically search for email addresses that pertain to a certain subject. I am sure others have experienced this. The virus assumes that a person uses the same email address for everything, therefore any email address it may have key-logged or captured on your system might get that email.
Run
Malwarebytes
.
Post by
593553
This post was from a user who has deleted their account.
Post by
Federalagent
I signed up to Wowhead on the 17th of May using my battlenet account email and a very similar(but not exactly the same) password, and 1 week later my wow account was hacked! OUCH!
Not to be mean or anything, but that was a serious security issue on your fault.. For the love of the light, ALWAYS use a completely different password than your WoW account. If possible, use a separate email account. and Invest in an Authenticator key.... I have no piety for people who wine about their accounts being stolen when they do stupid stuff and don't have an authenticator.
As for your statement. Its a coincidence. Most often when an account is compromised, it happens instantly as soon as the hackers get the information. So, if it was Wowhead, your account would have been compromised withing 24 hours of signing up.
You might also want to take a look at these links:
Wowhead.com Security and Malware: Serious Business
- Look this one over, it has proof that wowhead is clean.
Blizzard Entertainment cares about your security
Don't Buy Gold
Post by
Koper
I signed up to Wowhead on the 17th of May using my battlenet account email and a very similar(but not exactly the same) password, and 1 week later my wow account was hacked! OUCH!
We don't know and cannot know your password since it's hashed. You probably have some sort of virus or trojan on your computer.
Post by
562522
This post was from a user who has deleted their account.
Post by
Federalagent
Not a chance my computer is infected. I haven't typed that email address since I signed up. I am extremely anal-retentive about virus/trojan/etc protection and computer security.
I do believe that Wowhead works hard to stay clean. However, I also know that the only place I've used the email address linked with my Wowhead account is my Wowhead account. This is why I've come here to share the information with the Wowhead staff.
Never, NEVER use your battle.net account name and password (or even anything remotely similar to them) for any other account.
If you have a smartphone, get the (free!) Battle.NET mobile authenticator and attach it to your account.
So, how do you check that email address? Think of that... There are two ways. (1) you type the username, normally the entire email address, to log into the email account -or- (2) You use a client program like Thunderbird or Outlook, which in itself has the username and password to the email account stored right on the computer. Malware can capture this information. So using the email account anywhere but wowhead, ok... but it still needs to be typed to check the account.
Post by
562522
This post was from a user who has deleted their account.
Post by
Federalagent
So, you have heard of Headers? Easily capture as they are transmitted out the port, so even if the original address was proxied into a separate email, it is still possible. and on that note, how can you not be sure it wasnt your provider. as a Domain is separate from the actual email server provider.
Post by
Koper
It can be a lot of things. Our database getting compromised is one of the most unlikely ;)
(PS: I was replying to kodprotwar not to you in my previous post!)
Post by
562522
This post was from a user who has deleted their account.
Post by
Malgayne
Just to let you know, we're investigating this issue on our end trying to figure out what might have happened. So far I haven't found any sign of a compromise, but we've got all of our access logs turned on to make sure.
Post Reply
You are not logged in. Please
log in
to post a reply or
register
if you don't already have an account.