X
nav logo

Hit enter to search or ESC to close

Hearthstone had a bit of a controversial weekend. Everything started this Friday, June 14, with a member of the French Hearthstone community, Friiz. Friiz regularly posts infographics of stats of Hearthstone tournaments on Twitter. Well, this Friday, Friiz posted stats of the upcoming Masters Tour Las Vegas event for Hearthstone on the Twitter account. Thing is, he did so almost an hour BEFORE the decklist submission was supposed to close.

This information was not supposed to be accessible until the closing of the decklists, which was intended to happen the night before the event at 4:00 AM local time. As it turned out, there was a long-standing bug on the tournament platform Battlefy which allowed for access to this information.

What happened

The bug, which users on Twitter have suggested has existed for months, allowed for access to the information of the submitted decks through the website’s API. People had allegedly reported this bug to Battlefy months ago, but the company had still not fixed it. The information leaked, in some cases, was only the class information. However, in certain instances, one could access the entire submitted lineups.

While it is expected many participants have only changed tech-cards in their decks to improve their decks against the field, at minimum 8 competitors switched to an entirely different lineup. Battlefy responded to the leak on Twitter after the first day of play had resolved. As you might expect, this response drew a fair amount of criticism.

Update for Hearthstone Tour stop Las Vegas: The # of registrations by class changed only marginally and fall within the normal behaviour observed on the platform for other Hearthstone tournaments. Therefore, there was no impact to the competitive integrity of the tournament.

Again, any attempt to exploit games and platforms for unfair advantage is prohibited. We kindly ask the community to report any such behaviors to us. Thank you to members of the community that have helped us with this investigation

The statement made by Battlefy tries to minimize the issue. Honestly, though, this might be the biggest scandal of Hearthstone esports yet.

The impact

Included in the players who made changes following these leaks was the winner of the event, Hearthstone streamer Dog. Dog intended at first to bring a build of Holy Wrath paladin, but he switched at the last moment to a very greedy Control Mage build to counter the overwhelming amount of warriors. We will probably never know the extent of the damage this bug has had to the competitive integrity of the event. This is just another blow to the credibility of Hearthstone as an esport.

One aspect that many people seem to not acknowledge is that certain players have no doubt known about this bug for months. Such players would have gained an unfair advantage throughout all of the open cups run to qualify for the master tour events.

Battlefy’s Response

Earlier today, Battlefy backtracked on their previous statement and posted this after the tournament had ended.

We were wrong to assert that the competitive integrity of the event was not impacted. For this, we apologize.

Shortly after the selected classes were exposed, we shut down the endpoint that was used to access them. On Friday, we formed a team to specifically assess and correct any potential vulnerabilities.

We will work tirelessly over the coming weeks to ensure that this does not happen again. We will keep the community updated on our progress.

In response to this, an old competitor, Xzirez, responded. Notably, Xzirez was one of the players who claimed to have reported this bug to Battlefy a long time ago.

https://twitter.com/Xzirezhs/status/1140493597235720192

With the story still developing, we wait to see Blizzard’s official response to the situation. We will be sure to bring you the news when we know more. For now, if you’d rather focus on Hearthstone‘s future than its troubled present, check out the final location of this year’s Masters Tour, Bucharest!