Blizzard Entertainment has reportedly been watermarking screenshots taken inside World of Warcraft with encrypted user data for years, though it never notified players that their information is shared in the images.
According to users who discovered the watermarks, each screenshot taken by players with the MMORPG client contains information that "can be easily recovered and decrypted by hackers," including account IDs, timestamps, and the IP address of the realm.
Though the watermarks do not contain account passwords or personal information (e.g. real names), the data shared could be used to help scammers target players. Blizzard could also potentially use the information to track down unauthorized servers and people engaging in prohibited activities.
Many are criticizing the practice due to user privacy concerns and Blizzard's decision to not explicitly inform players about the watermarks since it began embedding them some time between 2008 and 2010.
This news comes just a month after hackers compromised Blizzard's Battle.net service, accessing user emails, encrypted passwords, and other information used to play games the company's games, including World of Warcraft and Diablo III.
It's unclear if Blizzard has employed the same watermarking practice in its other titles. Gamasutra has reached out to the company for a comment on the watermarks, but has yet to hear back as of press time.