My sub ran out yesterday and I didn't really have any plans to re-sub this month.
I've just gotten an e-mail telling me that my account is locked due to suspicous behaviour and after trying to log into battle.net was told to change my password. I use an authenticator and I only recently scanned my PC using the Windows 7 virus scanner and mal-ware bytes.
I've gotten those old phishing scams before where you're redirected to another site, but this seems pretty legit. Annoyingly i'd forgotten my security question and after guessing 4 times, typed my Starcraft 2 serial key, but it just kicked me out saying "too many wrong atempts".
Should I be worried that my account has been hacked? I've got a feeling it might have something to do with the "always keep me logged in" box being checked when I headed over to battle.net to see what was up. Normally I'll un-check this and always make it so I've got to authenticate with every log in, I don't have it keep me logged in for 30 days. This time though, that box was checked automatically. Have I possibly been logged in all this time without realising it?
Just call their support line and tell them what happened. They should be able to help you out.
Absolutely! You'll find our numbers linked in the upper right hand corner of our support portal Also, having the Authenticator set up on the account will do well to help prevent these kinds of locks that can happen, when our system doesn't recognize the location from where you're logging in from.
When in doubt, try and call. Not sure if they can help you directly over the phone or not with this kind of thing as I am unaware of what they actually can help you with besides server transfer problems, but it can't hurt to try. Seems like many of the issues are not covered and they may tell you to "put in a ticket", but give it a shot.
EDIT: Seems like a Blizzard support person above me answered that, so ignore my post! lol.
I just waited about 5 minutes, tryed to reset my password again and it worked fine.
I really don't like that it auto-selects the "keep me logged in" method though. Even if my virus scanners arn't picking something up, it should be up to me to decide to opt into something that's holding my data, not opt out. Just glad i've got an authenticator though, since i'm guessing without it my account would have been stripped by now
The stolen username and password may have been taken months ago and it just takes them that long to sift through all the data they get with their keyloggers. I found a keylogger on my machine a few months ago, and they didn't try to log into my WoW account until just last week. As long as your current scans are clean, you should be safe to change your password. The account lock means they didn't get very far and your account should be safe after it is unlocked.
To your question about being logged in for an entire month, the answer is no, you haven't been. Even with that box checked, all it does is remember your IP address and automatically relog you in each time you go to the account page. It is harmless to have checked. The lock comes from someone from another IP, generally an entirely different country, trying to log in, Blizzard are getting good at flagging that kind of behavior rather quickly.