Blizzard Acknowledge Security Concerns Following Diablo III Account Hacks

[News Portal]

Blizzard have acknowledged that Diablo III users may be experiencing some security issues. Reports have come in about loss of items, gold and accounts otherwise stripped bare. This becomes of particular concern when considering the real currency auction house is due for release at the end of the month. Blizzard are keen to fix the problem and recommend using their Authenticator, but it is worth noting that there are reports that suggest hacks have taken place in accounts that already had the Authenticator in place.

Source: Battle.net

Read full article by GON News

[meji]

Not particularly surprising there has already been hacks to people's Diablo 3 accounts. WoW already has a lot of issues with hacked accounts but Diablo 3 will be far more attractive. Once real money goes into play, well that is far more attractive for the criminal element out there.

Hopefully the secure things prior to the feature going live. Of course that doesn't prevent those who think the security should be all on Blizzards end and that the fact they downloaded from naughty websites doesn't make them the actual security risk.

[InAUGral]

Here is an interesting fact. Diablo 3 account is your battle.net account. Hence hacking WoW is hacking Diablo 3 and Starcraft 2 as well. This makes your accounts even more valuable especially once real money auction houses come in.

[PsychoSmiley]

The issue it seems however is that these supposed 'hacks' are circumventing the authentication process entirely thus nullifying the authenticator.

[DeathMist]

Ive heard the way to do it is via joining public
games. Thus explains security bypass.
Blizzard, y u release ahitty game.(I blame activision)

[Bluefire]

Most likely dumb fks downloading "hacks/bots" to cheat the game... which are really keyloggers.
Or using unsecured public/family/friends systems to login.

[Artful-dodgeR]

http://us.battle.net/d3/en/forum/topic/5149619846

&

http://us.battle.net/support/en/article ... ms-protect

Looks like Blizzard had this up their sleeve and now released it.

[spawneh]

I remember reading some guy claiming his account was hacked even with an authenticator. Which turned out to be an utter lie as someone at blizzard was able to quickly confirm the guy just added his authenticator after he was hacked.

The "hackers" most likely stockpiled a large number of battle net account details, then after Diablo 3 was launched decided it was time to cash in. This just goes to show that changing passwords every now and then can prevent being hacked. All these people obviously never changed passwords.

[TRB]

All these people obviously never changed passwords.

Yeah "obviously", because online databases run by big companies never get hacked, right?

You're an idiot and you have no clue if its because people didn't change their password or if its because of malicious code injection during public games or if its something else completely.




Good thing the game is all online though, we wouldn't want anyone hacking the single player experience!

[majkicCFC]

i was playing the other day and it booted me...said i logged in else where, so i just re-logged in.....then when finished playing i changed my Pword


i think blizzards problem is all the spam people get through their email, even real blizzard email go straight to my junk box.


word of the wise people never click or read ANY email blizzard send you....i never have nor ever will.


PS funny thing few months back when i updated my battle net to diab3 beta....5 mins later i got a D3 beta invo (spam).....and my PC is clean

[CJGordon]

i think blizzards problem is all the spam people get through their email, even real blizzard email go straight to my junk box.


word of the wise people never click or read ANY email blizzard send you....i never have nor ever will.

After my battle.net account got hacked a few years ago I changed my email immediately after getting my account back, ever since then I have not received ANY spam emails on the new email address, the only emails I get are indeed from blizzard.
Funnily enough my old email is still receiving Spam emails from people trying to steal my account.
As soon as I bought my iPhone the first app I ever got was the blizzard authenticator, as soon as they brought out the SMS security thing I got that set up, I have never been hacked ever since the first time, However I change my password every six months also.

[samurai047]

The people claiming to be hacked with authenticators attached to their accounts, actually do have authenticators. But, the issue is, they have it on the setting that only asks for it once a week. So, the hackers are able to just log in with the email and password and not get the authenticator prompt.
My best suggestion and is set your authenticator to ask every time. Inconvenience is a small price to pay for security.

[InAUGral]

The people claiming to be hacked with authenticators attached to their accounts, actually do have authenticators. But, the issue is, they have it on the setting that only asks for it once a week. So, the hackers are able to just log in with the email and password and not get the authenticator prompt.
My best suggestion and is set your authenticator to ask every time. Inconvenience is a small price to pay for security.

That defeats the purpose of having the authenticator imo.

EDIT: On a topic related to Blizzard etc, Last time my battle.net account got hacked (at this point it had been over a year since I last logged in) I used a new system to get accounts back quickly and laughed hard when I got my account back instantly with a few months of WoW paid for on my account.

[samurai047]

The people claiming to be hacked with authenticators attached to their accounts, actually do have authenticators. But, the issue is, they have it on the setting that only asks for it once a week. So, the hackers are able to just log in with the email and password and not get the authenticator prompt.
My best suggestion and is set your authenticator to ask every time. Inconvenience is a small price to pay for security.

That defeats the purpose of having the authenticator imo.

EDIT: On a topic related to Blizzard etc, Last time my battle.net account got hacked (at this point it had been over a year since I last logged in) I used a new system to get accounts back quickly and laughed hard when I got my account back instantly with a few months of WoW paid for on my account.

Sounds like a win to me, if you were still wanting to play wow that is haha

[spawneh]

All these people obviously never changed passwords.

Yeah "obviously", because online databases run by big companies never get hacked, right?

You're an idiot and you have no clue if its because people didn't change their password or if its because of malicious code injection during public games or if its something else completely.

I'm going on what Blizzard have said that all the accounts that have been compromised, was as a result of the usual. Not due to the code injection which blizzard claim doesn't even exist. I'll admit that the stockpile theory was my own probably stupid idea, its probably more likely that with a new game came a whole lot more people who were hacked.

With authenticators I was under the impression it only asked you once a week, except when you were logging in from a different IP it would always ask you. So while it may only ask you once a week, as soon as you or someone else attempted to log in from another account it would prompt for code.

**edit
Even if a database was hacked, wouldn't changing password since they retrieved the data prevent them accessing your account? Uh in fact, isn't that what they always tell you to do when they believe they have been compromised?