Cyber Incident Victim: Activision Blizzard
Date: Apr 2016
Location: United States of America
Summary
A DDoS attack targeted Blizzard's Battle.net services, causing intermittent outages. Lizard Squad claimed responsibility for the assault, which disrupted access to World of Warcraft and other games. The company confirmed the attack and largely resolved it within two hours. The group allegedly used a "stresser" tool, consistent with their history of gaming-service attacks. Security analysts suggested the DDoS might have been a diversion for potential email breaches, citing circulating screenshots of compromised accounts. This raised concerns about data harvesting and operational response prioritization, as addressing network infiltration risks could delay service restoration.
Description
On April 14, 2016, Blizzard Entertainment's Battle.net online gaming services experienced intermittent disruptions due to a distributed denial-of-service (DDoS) attack claimed by the Lizard Squad hacking group. The assault began in the early hours of Thursday morning, impacting authentication servers and preventing players from accessing games such as World of Warcraft. Blizzard's customer support team acknowledged the attack via social media, confirming service instability across multiple regions. Lizard Squad publicly claimed responsibility for the attack through their communication channels, simultaneously claiming credit for disruptions affecting other unspecified gaming platforms. The group employed a "stresser" tool—a type of DDoS-for-hire service—to overwhelm Blizzard's infrastructure with malicious traffic.

Blizzard's network operations team began mitigation measures within minutes of detecting anomalous traffic patterns, implementing rate-limiting controls and rerouting legitimate user requests through backup network paths. Service availability was largely restored within two hours, though sporadic connectivity issues persisted for some users throughout the day. No evidence of data exfiltration or system compromise was confirmed by Blizzard, despite Lizard Squad's history of combining DDoS attacks with secondary intrusions. The attack aligned with the group's established pattern of targeting high-profile gaming platforms to garner media attention, following their 2014 campaigns against PlayStation Network and Xbox Live. Blizzard maintained public updates throughout the incident via status updates and direct customer communications, avoiding detailed technical disclosures to prevent aiding future attacks. Service monitoring tools recorded a 92% reduction in legitimate Battle.net traffic during the attack's peak, with full recovery confirmed by 11:00 AM PDT on April 14.
