A claim came down on September 20 that over 500,000 Activision accounts were compromised in a data breach. However, late yesterday evening, Activision debunked these claims as false. Even so, Activision encouraged users that if they feel their accounts are at risk to act accordingly.
— Activision Support (@ATVIAssist) September 22, 2020
Activision may insist none of this happened, but it doesn’t mean this rumor didn’t cause widespread panic. Twitter account “oRemyy” originally posted about the hack. Other very popular content creators confirmed this report. The hack allegedly leaked login info and passwords, and the hackers were reportedly changing all of the account details to prevent any recovery.
“Yeah it’s legit guys,” oRemyy tweeted. “Change your Activision account passwords and add 2FA immediately.”
Yeah, it's legit guys. Change your Activision account passwords and add 2FA immediately.
— KAMI (@Okami13_) September 21, 2020
TheGameRevolution was one of the other creators to confirm that the hack was real, creating further panic. He claimed that the hackers were “generating 1,000 accounts every 10 minutes.”
Activision accounts are apparently being leaked so change your password, although that might not even help because they're apparently generating 1,000 accounts every 10 minutes.
— TheGamingRevolution (@TheGamingRevo3) September 20, 2020
Prototype Warehouse and Okami both reported the same. However, none of these users claimed that their own accounts were affected. They were urging others to protect themselves before it was too late.
Activision accounts provide more than just access to Call of Duty online accounts. You can also connect them to other titles, not to mention your Battlenet account, PSN, Xbox, and even Nintendo accounts. And your Activision account may have payment information as well, which can lead to stolen identities, etc.
So while the report of an Activision data breach appears to be false, there is something to be said about password security with these accounts. Always enable multi-factor authentication where you can, and don’t link logins together. Keeping everything secure in this way is royal pain in the butt, but unfortunately, this is where the jerks of the world have us.
It’s probably best to go on ahead and change any passwords that may have been affected. It’s better to be safe than sorry, right?