The unauthorized access included email addresses associated with Battle.net accounts in all regions, outside of China. Additional information from accounts associated with the North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) was also accessed, including cryptographically scrambled versions of passwords (not actual passwords), the answer to a personal security question, and information relating to Mobile and Dial-In Authenticators. It’s important to note that at this time, Blizzard does not believe this information alone is enough to gain access to Battle.net accounts.
At least it wasn’t clear text passwords.