Another friend and member of our guild who had been out of WoW for a while just went back to re-up to play with a friend, and was greeted by this:
Somebody got his account information, somehow, and then used the account in such a way as to get it banned.
Unlike the last guild member who got hacked, this time the guild vault did not get looted. Instead, it seems that they just used the account as a gold selling mule for a while… his characters were probably spamming gold seller URLs in chat for a while… until Blizzard turned off the switch on the account.
After an hour on hold, the Blizzard rep began the process of restoring the account. The rep told my friend more than once that Blizzard is getting very good at restoring people’s accounts after such an event. No doubt they get a lot of practice.
And my friend now has the phone version of the Blizzard Authenticator set up.
Another tale to remind people that, yes, this might happen to you.