Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
User Settings
LAN Parties
Upcoming one-time events:

Regularly scheduled events

Blizzard on Diablo III Security

Blizzard has posted a message in response to the perception that recent reports of account hacking in Diablo III represent an uptick in such incidents. They say the number of compromised accounts does not represent anything unusual for their games, and that they continue to recommend the use of the Authenticator or the Mobile Authenticator for best security of your account:

We'd like to take a moment to address the recent reports that suggested that® and Diablo® III may have been compromised. Historically, the release of a new game -- such as a World of Warcraft® expansion -- will result in an increase in reports of individual account compromises, and that's exactly what we're seeing now with Diablo III. We know how frustrating it can be to become the victim of account theft, and as always, we're dedicated to doing everything we can to help our players keep their accounts safe -- and we appreciate everyone who's doing their part to help protect their accounts as well. You can read about ways to help keep your account secure, along with some of the internal and external measures we have in place to help us achieve our security goals, at our account security website here:

We also wanted to reassure you that the Authenticator and Mobile Authenticator (a free app for iPhone and Android devices) continue to be some of the most effective measures we offer to help players protect themselves against account compromises, and we encourage everyone to take advantage of them. In addition, we also recently introduced a new service called SMS Protect, which allows you to use your text-enabled cell phone to unlock a locked account, recover your account name, approve a password reset, or remove a lost Authenticator. Optionally, you can set up the SMS Protect system to send you a text message whenever unusual activity is detected on your account, keeping you aware of important (and possibly unwanted) changes.

For more information on the Authenticator, visit

For more on the Mobile Authenticator, visit

For more on SMS Protect, visit

We also have other measures built into to help protect players. Occasionally, when detects unusual login activity that differs from your normal behavior -- such as logging in from an unfamiliar location -- we may prompt you for additional information (such as the answer to one of your security questions) and/or require you to perform a password reset through the website. World of Warcraft players might be familiar with this security method already, and Diablo III players may begin to encounter it as well.

As always, if you think you've been the victim of an account compromise, head to the "Help! I've Been Hacked!" tool at for assistance.

Post Comment
Enter the details of the comment you'd like to post in the boxes below and click the button at the bottom of the form.

50. Re: Blizzard on Diablo III Security May 23, 2012, 18:56 WaltC
CJ_Parker wrote on May 23, 2012, 05:37:
Jeez what a load of BS. You clearly have absolutely no clue what the fuck you are even talking about. The icing on the cake is that you come across as some wannabe high horse intelligent elite when in reality your post is one of the most retarded anti-factual write-ups to be witnessed on here in a long time. An amazing display of arrogance and stupidity. Well played, Sir.


Be aware that your display of "ignorance and stupidity" just topped mine, and by a landslide margin. Your problem is likely that you don't understand the simple post I've made and this inability to communicate with the outside world fills you with rage and causes you to vomit up irrational personal insults. That about it? Heh...;)

If you can't do better than to hurl idiotic insults then please--say nothing. OK?

Anyway, you may want to look up how trojan horses and keyloggers are used to hack "individual systems in people's homes". That's what the vast majority of these account hacks are like. Some dumbass downloads "diablo3infinitegold.exe" and contracts a keylogger either by directly downloading and installing the infected file or by means of a drive-by infection. Hacker then remotely receives account credentials. Hacker logs into victim's account using these credentials and does whatever they're after, i.e. steal gold or items, delete the character, whatever...

OK, you have outlined exactly one way it might happen. You know, if it had happened to maybe *one person*, maybe *one time*--I might even agree with you.

That's your theory? Let's see, as I told another guy, we live in an age where banks and credit-card companies and US Government files and police stations and tech companies like Valve (who has been hacked twice, IIRC) have all been hacked by 16 year-olds. Yet you want to allege that Blizzard is invulnerable and can't be hacked. The most logical assumption is that Blizzard has been hacked--either from the outside or an employee inside--and that this is the only credible source for all of this information.

Keyloggers are old hat, guy. "Drive-by" infections--that's pretty good--I'll have to remember that the next time I want to tell the owner of a computer that the reason his Battlenet account has been hacked is because he did it to himself, because he's such a dunce. You do realize that with the right kind of firewall it wouldn't matter if someone had slipped in a keylogger?--it would get blocked and couldn't do anything or go anywhere. If someone gets a dose of malware so powerful that it takes over his machine and refuses to be blocked, among other things, then even an inexperienced person will know to format C:\ and reinstall, if that's what it takes.

You cannot categorically say that all of these cases stem from "keyloggers" (so retro) and users too dumb to properly wipe their noses. Seriously guy, if they are that clueless, how do they play the game? They shouldn't be able to figure out the rules...;)

No one who is only after account credentials hacks Blizzard's (well protected, well monitored) servers directly. There may be hacker groups (like the infamous 'Anonymous') who have made it a sport to try to break into Blizzard's backbone or to disturb their services via (D)DOS attacks but the goal of these direct high level attacks is totally different from your regular small scale account theft.

What happens a lot is that somebody inside the company wants to make some pretty good money so he sells some crucial info to interested parties. That's one way it happens--and it happens in a lot of situations. As I mentioned, Valve has a bunch of "well-monitored, well-protected" servers--and Valve got hacked--info was taken--it was not merely a DoS, either. Same thing has happened to the "well-protected, well-monitored" servers at banks, hospitals, credit-card companies, PayPal--the list is impressive. None of those were DoS attacks, either.

My premise is simple: It is Blizzard's responsibility to ensure that its customers' account security is maintained. It is just that simple. You can hold Blizzard's customers accountable if you wish--in that case, the situation will never be remedied and it will just get worse. Or, you can demand (if you are a paying customer) that Blizzard protect its customers' accounts--and this is a solution that I think will ultimately work. In fact, it's the only solution I see that has a prayer of working.

Just about everything you wrote is therefore 100% bullshit.

Nah...;) You just got confused and meant to describe your own post. It's not your fault, though, because I reached over and installed a keylogger when you weren't looking! Your fault! Bzzz-z-z-zt! What I did to you was your fault, right?

Avatar 16008
It is well known that I do not make mistakes--so if you should happen across a mistake in anything I have written, be assured that I did not write it!
Reply Quote Edit Delete Report
      ;)   ;)   :(   :(   :o   :o   %)   %)   :)   :)   :|   :|   ;P   ;P   X|   X|   :D   :D   More
Login Email   Password Remember Me
If you have a signature set up, it will be automatically appended to your comment.
If you don't already have a Blue's News user account, you can sign up here.
Forgotten your password? Click here.
          Email me when this topic is updated.

Special Codes

  • b[bold text]b
  • i[italic text]i
  • u[underline text]u
  • -[strikethrough text]-
  • c[code text]c
  • +[bullet point]+
  • q[quote text (indented)]q
  • [quote="Author"]quote text (indented)[/quote]
  • [url=Link]text[/url]
  • r{red text}r
  • g{green text}g
  • b{blue text}b
  • m{maroon text}m
  • s{secret text (shows in the background colour)}s

Forum Rules

  1. Disagree all you want but attacks of a personal nature will not be tolerated.
  2. Ethnic slurs and homophobic language will not be tolerated.
  3. Do not post spam, links to warez sites, or instructions on how to obtain pirated software.
  4. Abusing the forums in any manner that could be construed as 'griefing' will not be tolerated.


Blue's News logo