When Your MMO Account is Hacked...
A couple of nights ago, it was late when I decided to log on and check my email. I logged on to see an email from Blizzard telling me that I had been accepted into the Beta for Cataclysm. A link took me to the battle.net web site and I logged in to see what to do next. What I didn't see was that battle.net was spelled batt (one) e.net. As soon as the marketing home page for Cataclysm was displayed, I knew something was wrong. I looked back at the email, recognized the domain to be fraudulent and immediately logged on to the World of Warcraft client. Only a minute or so had passed so I figured I could get online and change the password before my account was logged into.
By this point, my heart is beating a million beats a second. My Internet connection has never been slower.
Battle.net took a good thirty seconds to load and page refreshes were taking somewhere on the order of 20 - 30 seconds. A couple of minutes go by before I get to the password change screen and just as I click submit on the password change, I'm disconnected from the game client. No more than 5 minutes had passed. Now I'm worried. I try to log in to the account and there's an authenticator on the account; one I didn't enable. My heart sank. I had been phished successfully.
I headed over to the support page for World of Warcraft. Damn, customer support is only open until 11pm EST. It was 12:30 in the morning. I send an email to customer support and scour their site for "what to do if you've been hacked" pages along with how to get your items recovered. Meanwhile, I think to myself that everything might be ok considering that I changed the password. Maybe the authenticator was put on the account and they couldn't log in. Then again, I was booted from the game client as well so we'll have to wait and that allowed me a second to think about all the other accounts that could be compromised using the password and email address that I supplied to the hacker. Now I was really worried so I changed the passwords to every account that I could think of which kept me up until 2am EST. 10:00am EST was when the customer support line would open and it couldn't come fast enough for me. I barely slept.
The next day, I contacted Blizzard support and spoke with a woman named Margarita. She was very helpful but couldn't do much because it was a patch Tuesday and we all know how smooth patch Tuesdays are in Blizzard country. She told me that she would call me back as soon as the internal systems were up and running. I told her that I needed to know that no one other than me could log into the account. She reassured me that as soon as her internal systems came back up, she would take care of it. A couple hours later, I received a phone call from her stating that the account was accessed, the authenticator has now been removed and that I have been issued a support ticket for the restoration of my items and gold. What more can I say other than, Blizzard hit this one out of the park when it comes to quality customer service. If the item restoration and follow through ends up being this good then I'll have even more good things to say about the experience. The only downside is that it will take up to two weeks for me to get my items and gold back due to the backlog of restoration requests which got me thinking.
Why was anyone allowed to put an authenticator on my account without a confirmation email or confirmation text message? Had the authenticator not been put on my account, the password would have been changed and I could have booted the user from the game permanently and saved Blizzard a support call. It seems to me that if an authenticator can be used to block the original owner from logging into the account that it should require the original owner's consent to apply it to the account. That said, I've seen firsthand how well an authenticator works and I'm putting one on my account ASAP.
Later Tuesday afternoon, actually evening, I was able to log into my account. I can't describe the feeling I had when I logged in to see 5700+ gold gone, my bank cleared out of anything of value and my character stripped to only the items without a sale value. This is my armory character page:
Prior to the hack, I had all 251+ gear with gems for both Shadow spec and Discipline spec. When you think about all of the time and effort that goes into building a character to end-game gear, it crushes you to see all that disappear because of one silly mistake with an email. I tell you all this tale so that it doesn't happen to you. Get an authenticator on your account and do it soon.
UPDATE: As of July 27th 2010, Blizzard now requires an authenticator to be confirmed by the email address on the account. Thank you Blizzard. I wish this was there when this happened to me because I probably would have escaped without injury.
5 Comments
-
I'm amazed you didn't already have one. I waited months to get one but once you could just get an app to install on your phone and act as an authenticator, there was absolutely no reason to delay.
Hope you get your stuff back soon, man.
-
Last night, my account was restored. Most everything was restored to what it was before my account was cleaned out. The guild items they took were restored. The honor points were restored. All my equipment was returned, gemmed and enchanted properly. I have to give it to Blizzard's customer support. They came through and were extremely polite and helpful during the process. I'm very impressed with the way it was handled.
-
Blizzard can't track the perpetrator down via the authenticator?
-
I'm not sure if they can track them via the authenticator. If they can, then they might be doing so behind the scenes. I received my stuff back so the me-centric point of view is that they can do whatever they want with the guy. I can't find him so I'm not in a position to do anything with the theft. If they do get him then more power to Blizzard because the whole practice is dirty and needs to be shut down but I suspect that Blizzard has so many of these requests coming in that it cannot get to deep investigations of them all.
That said, a simple confirmation email sent to me that an authenticator was being added to the account would have foiled the attempt because I caught it in time.
-
I'm pleased that you were able to recover your account. It was probably a better outcome than what ensued for this poor soul, if you have had a chance to read and view this particular MMORPG story yet:
geeksofdoom.com/.../girl-deletes-bo
with associated video:
No implied editorial commentary, remember, I spend many, many hours per week in Second Life myself.
6.24.2010 at 3:31 PM