The unauthorized access included email addresses associated with Battle.net accounts in all regions, outside of China. Additional information from accounts associated with the North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) was also accessed.
The company says the information includes cryptographically scrambled versions of passwords but not the actual passwords, the answer to a personal security question, and information relating to Mobile and Dial-In Authenticators.
Blizzard says that even with all this information hackers would not be able to gain access to Battle.net accounts.
Based on Blizzard’s investigation to this point, credit card and other customer payment data does NOT appear to have been accessed or affected. As a precaution, however, Blizzard encourages players to change their Battle.net password and any similar passwords used for other purposes.