Cyber Incident Victim: Activision Blizzard
Date:
Jul 2018
Location:
United States of America
Summary
A major gaming company experienced intermittent distributed denial-of-service (DDoS) attacks targeting network providers supporting its online services, disrupting access and causing severe latency issues across multiple popular titles including Overwatch, World of Warcraft, and Heroes of the Storm. The prolonged attacks prevented some players from logging into Battle.net services entirely while others encountered significant performance degradation, with regional variations in impact severity. The incident lasted several days before subsiding, characterized as unusually persistent compared to typical DDoS patterns, though the company confirmed resolution while acknowledging potential future recurrence risks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
A distributed denial-of-service (DDoS) attack disrupted Blizzard Entertainment's online gaming services beginning Sunday, July 6, 2018, persisting intermittently throughout the weekend before concluding on the morning of July 7. The attacks targeted network providers supporting Blizzard's Battle.net platform, causing widespread connectivity issues across multiple games including Overwatch, Heroes of the Storm, and World of Warcraft. Players experienced severe latency during gameplay sessions, while others encountered complete login failures preventing access to online features. Service degradation varied geographically, with some regions reporting more severe disruptions than others during peak attack periods. Blizzard's customer service team acknowledged the ongoing situation through a series of public communications but did not disclose specific technical details about the attack vectors or mitigation efforts.
The incident involved malicious actors overwhelming infrastructure with traffic from compromised devices, consistent with standard DDoS methodologies exploiting networked systems such as Internet of Things gadgets. Blizzard confirmed the attacks' conclusion via official Twitter announcement on July 7, stating network providers had resolved the abnormal traffic patterns. No attribution for the attack source or motive was disclosed by the company. The prolonged duration and repeated nature of the disruptions were noted as atypical compared to conventional DDoS incidents affecting gaming services. Operational impacts ceased following the attack's termination, though Blizzard did not publicly outline any post-incident infrastructure modifications or security enhancements implemented in response. Player access and gameplay functionality were fully restored across all affected titles upon resolution.