Cyber Incident Victim: Blizzard Entertainment
Date:
Mar 2020
Location:
United States of America
Summary
A gaming company experienced a significant DDoS attack targeting its network providers, disrupting authentication servers and causing widespread latency and connection failures for users globally. The incident led to prolonged login issues and service instability across multiple regions, with ongoing attacks continuing to affect platform connectivity days later. Concurrently, another major gaming service provider faced unrelated global outages and player complaints regarding lagging and connectivity problems, though the root cause remained unconfirmed. The targeted company publicly acknowledged the attack and maintained monitoring efforts throughout the disruption period.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 18, 2020, Blizzard Entertainment experienced a widespread service disruption caused by a distributed denial-of-service (DDoS) attack targeting its network providers. The company confirmed the incident via its Blizzard Customer Support Twitter account, stating the attack impacted latency and connection stability for its games globally. Blizzard simultaneously reported investigating unrelated authentication server issues that caused failed or slow login attempts, though it did not clarify whether these authentication problems were linked to the DDoS campaign. Initial outage reports indicated significant impacts across the United States, Israel, Bahrain, Iraq, China, Singapore, Malaysia, and Denmark, as reflected by user-submitted data on Down Detector’s live outage map. Blizzard provided no further updates regarding the attack’s cessation or mitigation efforts on the day of the initial disruption. Electronic Arts’ EA Sports division also faced contemporaneous connectivity issues reported by users worldwide, with customers describing lagging and login difficulties across its platforms, though EA did not attribute these problems to a DDoS attack or disclose an underlying cause.
Blizzard encountered additional disruptions on March 20, 2020, when a second wave of DDoS attacks targeted its Battle.net online gaming service. The company reiterated via Twitter that network providers were under attack, affecting game latency and connections, but did not specify whether this incident involved the same threat actors or infrastructure as the March 18 attack. No technical details regarding attack vectors, traffic volume, or mitigation strategies were disclosed. Meanwhile, EA Sports had not issued any formal updates or resolutions for its earlier lagging issues by the time of Blizzard’s March 20 update. The prolonged Blizzard outages occurred during a period of increased online activity due to COVID-19-related remote work and gaming trends, though the source material does not quantify user impact or financial losses. Both companies maintained limited public communication throughout the incidents, restricting available information to brief social media acknowledgments without post-incident analysis or recovery timelines.