Blizzard's internal network compromised.

[zenga]

They said encrypted passwords were taken. And with the encryption being rather hard to break. I believe if this WAS the source of alleged account compromises, I think we'd see MANY more. Call me skeptical. I just have more faith in cryptology than the average idiot battle.net user.

Even still, I've changed all the passwords I've ever used for my WoW account. Rest in Peace "<38====DMiRai" you were an amazing password.

SRP is pretty much as good as you can get. But you don't want to know how many 'big' sites just store the encrypted hash in the database, while there are plenty of tools that contain a ton of hash/password matches, and thus are prone to brute force attacks as well. They can even deal with know obfuscated hashes (add noise to the hash or store it the other way around).

Edit: I must say that I'm happy with the way Blizzard communicates about this. They could serve as an example for many on how to handle shit like this.