What data was affected?
Here's a summary of the data that we know was illegally accessed:
North American-based accounts, including players from Latin America, Australia, New Zealand, and Southeast Asia:
Email addresses
Answers to secret security questions
Cryptographically scrambled versions of passwords (not actual passwords)
Information associated with the Mobile Authenticator
Information associated with the Dial-in Authenticator
Information associated with Phone Lock, a security system associated with Taiwan accounts only
Accounts from all global regions outside of China (including Europe and Russia):
Email addresses
China-based accounts:
Unaffected
At this time, there’s no evidence that financial information of any kind has been accessed. This includes credit cards, billing addresses, names, or other payment information.