Went to log in today and the login screen said "input your digital code"

except I don't have an authenticator.

I only go to 1 website on this computer for the last 5 years.

Ran adaware/malware/avg/avast and could find no keyloggers or viruses.

I don't use email so I wasn't phished. I don't reply to those fake whispers when i'm logged in telling me to go claim my new pet at www.soandsoblahblah.com

I don't click on screenshots or click on ads selling gold ...basically all I do is read this forum and play the game.

I did get hacked back when BWL was new and I learned my lesson from that.

So what gives? How did someone get into my account and add an aunthenticator?

I don't even click on ads on wow forums.

There's a lot of hostility in this thread, which I'd like to see tone down. When you feel like you've taken the right steps to secure your system, it can be confusing and upsetting when you find your account compromised. It's natural to look for explanations - even in unlikely places.

I would like to simply state that, to date, Blizzard Entertainment has not been compromised. With that in mind, to prevent future compromises, it's essential to recognize that the breach in security occurred somewhere within your domain.

---

Q u o t e:
you didnt get hacked because you dont have one... because people get hacked with them all the time

---

I want to make something clear: The statement that 'people get hacked with Authenticators all the time' is simply incorrect, bordering on outright falsehood. While no security measure is 100% successful, layering security has substantial advantages and attaching an Authenticator remains one of the very best steps you can take to secure your World of Warcraft account. It remains true that acquiring an Authenticator alone may not be enough, and doing so does not replace safe browsing habits and good system security.

---

Q u o t e:
hxxp:// is standard protocol for reporting mal sites. I'm one step ahead of you = )

---

Thank you for editing the site sufficiently to protect other players. It's always best not to post a potentially malicious site in a recognizable fashion - doing so is a violation of the forum code of conduct and puts the curious or incautious at unnecessary risk.

---

Q u o t e:
Since I got you here Mr. Blue....any chance you could take that aunthenticator off my account? Its impossible to get thru to blizzard on the phone.

---

Unfortunately, I'm personally unable to do so, no =(. You can request that an unauthorized Authenticator be removed via email at Billing@blizzard.com or via telephone. I know that the telephone queues are impacted, and I am sorry if that's inconvenient at all, but it remains amongst the fastest methods to clear up a situation like this. Email is a good way to go if you are willing to wait.

---

Q u o t e:
Its wierd though--I can still log into these forums and my armory shows me with all my gear on. I only played this warrior since vanilla release.

Has it gotten to the point where the hackers have so many stolen accounts that they haven't gotten around to stripping my guy naked yet?

---

That's unlikely. The armory can update slowly, so that may explain why you haven't seen the 'damage' quite yet. Not to worry though - while no restoration is guaranteed, our staff will do their best to help you make as full a recovery as possible, and get you back on your feet and playing as soon as they can. The links we've posted in our brand new security and compromise thread:

Account Hacked? Security Issue? Look Here!
Account Hacked? Security Issue? Look Here!