SO I was going to sleep then i get all these notifications over someone logging into my account, changing the email address then adding an authenticator onto my account -___-…
So I check all my systems and see if there’s any breach and nothing… I’m so confused about how someone was able to get into my account?.. Bad luck?.. I’ll definitely use the authenticator now.
I emailed Blizzard, but they haven’t responded yet.
Yet… I’m still signed into my forum account lol!
Do you mean put a ticket in?
Follow this guide.
Yup… Submitted my ID and everything. I guess they’re all asleep.
So this douchebag is doing god knows what in my account ;-;
Good news is GM will be able to restore everything loss and revert the damage. Glad you got on top of it! 
Authenticator is the way to go too, so I’m happy to hear you’re adding that! ;D
You did your part blizzard will do theirs! 
By chance does your wow account share a password with anything else?
Does your email address on the account ONLY get used for the account.
Something sniffed your password out unless you clicked on any malicious links. Take this time to fully secure your rig. Several free programs out there. Malwarebyres tends to be the top recommendation along with a full anti-virus scan. Blizzard can fix and restore your account. That is the easy part. If this runs deeper, your banking, credit cards etc could be at risk too. Much more difficult.
If you use the email attached to your account, once you get it back set it up on an email only used for this. I recommend Google, as it has 2 factor authorization. And as you already said, most definately add an authenticator.
At the moment - they are doing nothing, because it got locked up.
Looks like they had a wee of a time while they were in it, however. Damages can usually be undone.
At the moment, your concern needs to be security. Both your system - and your email. As already mentioned, reusing emails and passwords across games, websites, other applications can be dicey. If any one of them gets compromised, it could lead to them trying other places.
Once this gets resolved, I’d absolutely add an authenticator. Also, changing to a fresh email - used ONLY for Blizzard is also an excellent idea.
Others have hinted at this but I will be blunt. In order to change your email address on your Bnet account, they need access to the current email. So they are IN your email. It is imperative that you not only clean up your Bnet situation, but consider what other damage they can be doing. Your email, and anything connected to it, are at risk.
I use Gmail because it lets me set up two factor authentication. If someone tries to log in from a strange place it sends a code to my phone that is required to unlock my email.
It’s impossible for someone to get into my email unless they have access to my cell phone.
I have no viruses, malware, etc…
It’s still possible for someone to get into your email by just random inputting passwords as well and getting VERY lucky. It’s happened to one of my old emails. I’d recommend getting a randomly generated password and making that your new email password and another randomly generated for Bnet. get a two factor authentication on both your email account and your Bnet.
There’s also a website that checks if you’ve been “pwned” that checks for data breaches on sites. It could help you find out how they got the information to your email to cause this damage.
Thanks for the response.
When will Blizzard try to contact me?
When your ticket comes up in queue it will get worked on. They won’t personally reach out and contact you in real time. So you don’t have to wait around for a specific contact.
Well, the only way to change the email on your Bnet account is to have access to your email. To make the change, Blizz sends a confirmation email to the OLD (current) one before changing to a new one. Someone in your email had to confirm that change for it to go through. The only other way to make that change is to submit ID in the name of the account holder. That would be an even bigger issue.
It’s now almost the end of the day, and I’ve yet to have a blizzard employee to help me with this situation… Everywhere I’ve read people were able to get help relatively quickly… Why is this taking so long for them to respond?
Because you are in line behind other people in the same situation.
Have you sorted out your email situation yet? They CAN’T change your email on your Bnet without access to your current one. Not unless they submit ID claiming to be you.
Yeah, I went ahead and changed my passwords.
I’m really confused about how this person could even get into my email account. It has to be verified through my phone if it’s from a location it doesn’t recognize lol, but I changed everything anyway and scanned my computer and found nothing.
I have access to my email and I submitted my ID To them, but only crickets. Are there really that many people with accounts that have been compromised?
Gold farmers only use compromised accounts. That number is in the millions and is constantly growing, just to give you an introductory context.
I have a friend who works cybersecurity, he could hack yours or any basic email in about two minutes. If someone knows what they’re doing it’s easy and there are a lot of ways to do it.
no, there hasn’t.
Honestly they probably, very likely weren’t.
But Shadowlands just launched on Monday, so thousands of players coming back after not playing for a long time to find their accounts compromised? Very much possible.
It isn’t like Blizzard is going to take the heinous amount of manpower to unlock an account after its been compromised rather than just lock it down and wait for the account owner to start the process. They have much better things to do with their time.
Cataclysm as a possible starting point for a lot of people? That’s an eight YEAR window that their account could have been compromised. Ten, if you start from the launch date. If people aren’t playing, they won’t know their account is locked down until they return.
What the hell is your problem? Seriously… Blizzard has NOT been hacked.
I was not aware that knowing about cyber security and keeping myself protected and safe from compromise made me not part of the player base. Roger that.
https://i.kym-cdn.com/entries/icons/facebook/000/010/692/19789999.jpg