Back on June 14, BioWare learned that they had been hacked. The following day, and as reported here previously, they notified users on their forum that the hack may have compromised “information such as user account names and passwords, email addresses, and birth dates of approximately 18,000 accounts.”
Today, 10 days later, my son received his first email from them:
We recently learned that hackers gained unauthorized access to the decade-old BioWare server system supporting the Neverwinter Nights forums. We immediately took appropriate steps to protect our consumers’ data and launched a thorough ongoing evaluation of the breach. We have determined that no credit card data was compromised from the servers, nor did we ever have or store sensitive data like social security numbers. Our investigation shows that information such as user names, encrypted passwords, email addresses, mailing addresses, names, phone numbers, CD keys and birth dates from these forum accounts on the system may have been compromised, as well as other information (if any) that you may have associated with your EA Account. In an abundance of caution, we have changed your password to ensure account security. Please visit this [password reset link] to reset your password immediately.
[…]
Seems like the breach was a bit bigger than they originally thought.