[Tallenn]

I actually got a real email from Blizzard about my account being compromised, and it was. It took me a couple of weeks to get everything straightened out, too. They cleaned me out pretty good (pretty much ALL of my gold, most of my gear that was worth DE'ing, all tradeskill stuff, etc), but Blizzard replaced everything they took, as far as I can tell. I haven't played since some time last year, so I can't know for sure, but it looks about right to me.

What really had me stumped is HOW my account was hacked. I use strong passwords that are completely random series of characters and digits, so there is no way to figure them out by researching me. At first, I thought maybe it was that they had figured out my secret question, but all that would have done was to reset my password, and send that message to my email. Then I realized I had made a critical error: I used the same passwords for online forums and stuff like that, also using the same email address to register. Stupid, rookie mistake. I've since changed all of my passwords for everything else.

So, just a warning: don't use the same passwords for online forums as you do for important stuff. It seems that not all of those things use encrypted passwords. IN some of them, the form owner can access your information, including your password. It's probably a good idea to use an email account you have JUST for that purpose, as well.