Cyber Incident Victim: Blizzard Entertainment
Date:
Aug 2017
Location:
United States of America
Summary
Blizzard Entertainment experienced widespread disruptions due to a distributed denial-of-service attack targeting its network providers, causing significant latency and connection failures across multiple games including World of Warcraft and Overwatch. The incident prevented logins, disrupted PayPal payment processing, and marked the second service outage within a week following prior authentication server issues during a major game event launch.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 13, 2017, Blizzard Entertainment experienced a series of distributed denial-of-service (DDoS) attacks targeting its web infrastructure, causing widespread disruptions to its online gaming services. The company first acknowledged issues through its customer support Twitter account, stating it was investigating authentication server problems that led to failed or slow login attempts for players. Within minutes, Blizzard confirmed a DDoS attack against its network providers was responsible for latency issues and connection instability across multiple games, including World of Warcraft and Overwatch. The attacks additionally compromised payment processing systems, specifically disrupting PayPal as a viable transaction option for customers. Blizzard's support team actively monitored the situation while apologizing for service interruptions, though no immediate resolution timeframe was provided during the initial outage period.
Service monitoring platform DownDetector recorded the attack's onset at approximately 11:28 AM EDT, with user reports highlighting three primary impact areas: website accessibility, login functionality, and server connectivity. Affected players described inconsistent access patterns where some users could connect while others on identical networks encountered persistent login failures. The incident marked Blizzard's second major service disruption within a week, following an unrelated outage on August 9, 2017, during the launch event for Overwatch's Summer Games 2017 update. While the company's public communications focused on network provider-level attacks rather than application-layer vulnerabilities, the sustained assault created cascading effects across authentication, gameplay, and financial transaction systems throughout the weekend. Blizzard maintained continuous Twitter updates regarding mitigation efforts but did not disclose technical details about attack vectors, traffic volumes, or responsible parties in its public statements during the event.