I've said it before and I'll say it again, Blizzard has always had security issues. I know people and have read accounts of other people who make a living off of PC's that know how to stay secure and have still had their accounts stolen.  I've had my WoW account stolen twice and I have never, not even once had my account violated in any other MMO and believe me except for those released this year I have played almost all the AAA titles.

Originally posted by someforumguy

Interesting example. Shipping authenticators with the box would add an extra layer of security against keyloggers.

Its your responsibility to protect yourself. No one else is responsible for your safety.

Yeah, just buy your items back!

Originally posted by jtcgs

Originally posted by someforumguy

Interesting example. Shipping authenticators with the box would add an extra layer of security against keyloggers.

 

Its your responsibility to protect yourself. No one else is responsible for your safety.

That's true, but how easy any given company makes it for you does matter, and Blizzard doesn't seem to do much at all; even simple little steps would go a long way to helping the customer and making themselves a smaller target.

Only account i have ever been hacked in is wow, never in l2/war/lotro/aion/pw/ddo/eq1/eq2/vg. I always thought it was people that didt handle theyr security properly but when it comes to blizzard i dont think this is the issue. It might be a problem only blizzard has becouse its so popular.

I know someone tryd to log into my d3 account as i had to type the authenticator again after that mass hack but they never managed to enter since i had this.

So according to blizzard supporters, the fact that over the past couple days large amounts of accounts(anywhere between 10k-100k) have been hacked, and we are not supposed to believe that blizzard deserves any of the blame?

I tend to be pretty safe and cautious on my computer AND no one else uses it, yet somehow my account on diablo got hacked and all my items and gold was removed.

I also have played numerous mmos and have never had an account hacked in any of them. My battle.net account ahs been hacked twice....

Ive changed passwords numerous times and just now added an authenticator but NO other game has made me have to do that. So please enlighten me blizzard supporters, why I should not blame blizzard whatsoever.

Originally posted by RealPvPisFPS

I do have some facts here:

I logged off last night with my level 51 character on Nightmare mode in the last part of Sanctuary getting ready to beat it to go on to Hell mode.

I log on this morning and all my gold, items in storage and items on my character were gone. My character was back on Normal mode in Tristan with the beginning quest again. I submitted a trouble ticket and won't hear back for a couple of days or if at all.

There is no rootkit or other viruses, keyloggers or any kind of malware on my computer. I know about the fake Blizzard emails going around that are phishing scams.

I never have played co-op yet in Diablo 3 so those specualtions on how others can hack those on multiuplayer which I've read about cancels me out even if it is remotely true.

One of two things happened or both, who knows, 1. Blizzard has a major bug on their system causing these issues to a vast majority of people or 2. Professional hackers were able to compromise the Blizzard's servers.

Take your pick because it is one of these two or both. Blizzard is denying everything, go figure.

1. Do you have an authenticator? 

2. Screenshot of your hacked characters as proof?

3. What Anti-virus suite are you using?  Any anti-malware software?  Is it current an updated?  When did you last scan?  Post some scan logs showing that your system is virus free?

4. Troll much?

I strongly disagree that Blizzard servers have been compromized specifically BECAUSE they're denying that they were.  It would be very damaging for Blizzard to deny that they were hacked and then have someone post evidence of a compromise, especially where credit card info is involved.  I also doubt that there is a severe bug in their systems causing all of these non-authenticated accounts to be compromised.  The problem is more than likely one of those infamous PEBKAC issues.

You can't make user's smart, and you can't be playing mommy for the ignorant masses.  Quit surfing pr0n/buying gold and you probably won't have these problems anyways.

Edit:  Just to make it clear, I'm not saying Bliz is great on security or anything.  The lack of brute-force protection and IP locking always irked me in WoW.  In all fairness though, I played WoW from release to about a month into Cata and never had my account hacked once.  Semi simple password that I never changed.  I'm not the type to surf porn, buy gold or play around on shady websites though...

Originally posted by sunshadow21

Originally posted by jtcgs

Originally posted by someforumguy

Interesting example. Shipping authenticators with the box would add an extra layer of security against keyloggers.

 

Its your responsibility to protect yourself. No one else is responsible for your safety.

That's true, but how easy any given company makes it for you does matter, and Blizzard doesn't seem to do much at all; even simple little steps would go a long way to helping the customer and making themselves a smaller target.

No. You just want free stuff.

They have already provided you a way to help make yourself a smaller target...buy an authhenticator.

This is what you get for not standing up and making companies understand that you dont want to be forced into having to play games online that dont need to be online just because they think they are somehow going to stop people from pirating their game...this is the bed you helped to make...lay in it.

Originally posted by RealPvPisFPS

I do have some facts here:

I logged off last night with my level 51 character on Nightmare mode in the last part of Sanctuary getting ready to beat it to go on to Hell mode.

I log on this morning and all my gold, items in storage and items on my character were gone. My character was back on Normal mode in Tristan with the beginning quest again. I submitted a trouble ticket and won't hear back for a couple of days or if at all.

There is no rootkit or other viruses, keyloggers or any kind of malware on my computer. I know about the fake Blizzard emails going around that are phishing scams.

I never have played co-op yet in Diablo 3 so those specualtions on how others can hack those on multiuplayer which I've read about cancels me out even if it is remotely true.

One of two things happened or both, who knows, 1. Blizzard has a major bug on their system causing these issues to a vast majority of people or 2. Professional hackers were able to compromise the Blizzard's servers.

Take your pick because it is one of these two or both. Blizzard is denying everything, go figure.

Get an authenticator.  apps can't find a keylogger until they have the definition of it.

Originally posted by jtcgs

Originally posted by sunshadow21

Originally posted by jtcgs

Originally posted by someforumguy

Interesting example. Shipping authenticators with the box would add an extra layer of security against keyloggers.

 

Its your responsibility to protect yourself. No one else is responsible for your safety.

That's true, but how easy any given company makes it for you does matter, and Blizzard doesn't seem to do much at all; even simple little steps would go a long way to helping the customer and making themselves a smaller target.

No. You just want free stuff.

They have already provided you a way to help make yourself a smaller target...buy an authhenticator.

This is what you get for not standing up and making companies understand that you dont want to be forced into having to play games online that dont need to be online just because they think they are somehow going to stop people from pirating their game...this is the bed you helped to make...lay in it.

I didn't help make the bed. I have yet to buy the game because they haven't convinced me it's worth it just yet. And I'm not looking for free stuff either. If the authenticator is truly that necessary, it should be considered part of the game, and the cost of it treated as such, not as a separate item. Also, the authencticator is just one way of solving the problem, and doens't even really attack the root cause. It makes the individual customer a smaller target within the bulls-eye that is Blizzard, but until they reduce their own target size, it won't really solve the ongoing problems. I find it hard to beileve that Blizzard can't find someone to come up with up to half a dozen ideas that would be fairly easy to implement and low key enough that they woudn't irritate the people affected by them that woud greatly reduce their problems. Heck, simply appearing proactive would by itself be a major step forward that would reduce the target considerably compared to their current stance of "we don't know, care, or have any interest in worrying about it."

Seatbelts are not optional when you pruchase a car, if you put them on, thats another question.

A company has to offer adequate -free- protection to the consumer of their product.

Blizzard has to offer a free and universal (smartphones, not everyone has them) security-solution to their consumers.

It doesn't need to be authenticators, it can be as easy as Steamguard or the google authentication.

Else, where do you draw the line of customer responsibility?

Is it when you had your computer secured with a military encryption?

What exactly is "reasonable"?

Not every consumer of yours is a computer-whiz and aware of the dangers. As a company you have to provide the necessary precautions so even the dumbest of your clients is secure if they provide a paid service.

Originally posted by AdamTM

Seatbelts are not optional when you pruchase a car, if you put them on, thats another question.

A company has to offer adequate -free- protection to the consumer of their product.

They did, it's called a login name and password.  Like you said, it's up to you to put the seatbelt on...  Strong passwords and safe surfing are the buckle.

Oh trust me i agree with you on their business practices at Blizzard, however their authenticator for phones, itouches and ipads is free.

Tho, I have to bring this up, if they didn't make D3 persistantly online under the lie that somehow it was simply to kill off the gold farmers (as opposed to their real position of absolute greed) then they probably wouldn't be having this issue now would they. hmmm... nope.

I think Blizzard could do a bit more with security, at least with the login.  I cannot stand games that make me login with my email.  My email is very easy to figure out and once someone has that, they have got part of the login already.  A set username would be more secure imo, like it used to be before the battle.net merge.  Also, battle.net does not recognize the difference between uppercase and lowercase letters in the password string.  If you enter uppercase laters for your password, they are converted to lowercase when sent to the server.  So this password 'HaCk' is the same as 'hack'.  Maybe that only helps when the pw is being brute forced, but surely it couldn't hurt to allow for case sensitivity. 

Ultimately though, the blame is on us.  We need to use more varied passwords on various sites and be more careful with how we surf the web.  To be honest I think a lot of the accounts were comprised with data stolen from other databases/websites, not Blizzards.

I will say this however, my WoW account was comprised a couple/few years ago.  It was not long after the WoW account/battle.net merge.  How it happened?  I don't know but I blame myself.  It's the only game account out of the hundreds (I have played a lot games!)I have that has been comprised.  Since then I have been much more careful with passwords/usernames and haven't had a problem since.  The free authenticator ofc helps as well.

Originally posted by RealPvPisFPS

I do have some facts here:

I logged off last night with my level 51 character on Nightmare mode in the last part of Sanctuary getting ready to beat it to go on to Hell mode.

I log on this morning and all my gold, items in storage and items on my character were gone. My character was back on Normal mode in Tristan with the beginning quest again. I submitted a trouble ticket and won't hear back for a couple of days or if at all.

There is no rootkit or other viruses, keyloggers or any kind of malware on my computer. I know about the fake Blizzard emails going around that are phishing scams.

I never have played co-op yet in Diablo 3 so those specualtions on how others can hack those on multiuplayer which I've read about cancels me out even if it is remotely true.

One of two things happened or both, who knows, 1. Blizzard has a major bug on their system causing these issues to a vast majority of people or 2. Professional hackers were able to compromise the Blizzard's servers.

Take your pick because it is one of these two or both. Blizzard is denying everything, go figure.

 

 

 

Make sure you are logging into the correct region.  For some reason or another it has randomly switched for some people during a hotfix or maint. or something.  Check your region because if you log into a different region (Americas, Asia, EU) you will have nothing. 

Originally posted by JeroKane

Originally posted by Fessor111

Can't you use your mobile phone as authenticator anymore?

Yes you can.

Can I? I dont have a smart phone and dont need one. I have a basic cellular phone with text. I dont need to surf the web check emails or such on my phone. Can I still use this authenticator without a smart phone?

I do know one thing and my pc has the latest updates and virus protection. My buddies smartphone is easier to hack by far since they dont have any protection of any worth.

Originally posted by Chuckanar

Originally posted by JeroKane

Originally posted by Fessor111

Can't you use your mobile phone as authenticator anymore?

Yes you can.

Can I? I dont have a smart phone and dont need one. I have a basic cellular phone with text. I dont need to surf the web check emails or such on my phone. Can I still use this authenticator without a smart phone?

I do know one thing and my pc has the latest updates and virus protection. My buddies smartphone is easier to hack by far since they dont have any protection of any worth.

You need a phone with either the Andriod operating system or iOs (Iphone) to use the authenticator. 

Beyond that, using a crazy password that is ONLY used for battle.net and being very careful when viewing your emails should be enough.  Surf the web responsibly :)

Originally posted by mcburly

So according to blizzard supporters, the fact that over the past couple days large amounts of accounts(anywhere between 10k-100k) have been hacked, and we are not supposed to believe that blizzard deserves any of the blame?

 

I tend to be pretty safe and cautious on my computer AND no one else uses it, yet somehow my account on diablo got hacked and all my items and gold was removed.

 

I also have played numerous mmos and have never had an account hacked in any of them. My battle.net account ahs been hacked twice....

Ive changed passwords numerous times and just now added an authenticator but NO other game has made me have to do that. So please enlighten me blizzard supporters, why I should not blame blizzard whatsoever.

If blizzards servers were compromised they are legally required to inform their customers. This is why everytime there is a compromise the companies come out and fess up. Everytime it costs them money, but it would cost them even more money if they were to keep the compromise secret and it was found out.

Fact is 6.3 million people bought the game last week.

Assuming that is ONLY the people who bought the game, and not more, and assuming out of the 6.3 100k people were compromised.

Thats a .01% of the user base. If blizzards servers were compromised...we'd be seeing a far greater number of accounts compromised. Something in the neighborhood of a million or more. The servers would be offline and everyones accounts would be locked for security reasons.

If blizzard was compromised this would be a significantly greater issue. .01% of your users (and I personally think 100,000 is high) screams fishing, social engineering, keylogging, and forum database compromises not blizzard getting hacked.

**Edit Just to be clear Im not a blizzard or Activision fanboi. I personally despise activision and their business practices with their call of duty series. Blizzard is only marginally better. That being said lots of folks in this thread are saying a lot of things with out knowing the basics of internet security.

Originally posted by Chuckanar

Originally posted by JeroKane

Originally posted by Fessor111

Can't you use your mobile phone as authenticator anymore?

Yes you can.

Can I? I dont have a smart phone and dont need one. I have a basic cellular phone with text. I dont need to surf the web check emails or such on my phone. Can I still use this authenticator without a smart phone?

I do know one thing and my pc has the latest updates and virus protection. My buddies smartphone is easier to hack by far since they dont have any protection of any worth.

Your simple txt phone will work now and if not now shortly as blizzard is now rolling out sms (txt) authentication.

As for your smart phone getting hacked, sure its possible, but that would require the hacker to be in proximity to you to get your information. They would then still need your account user name and password, and be able to access that phone with in 30 seconds of the number being generated. Most folks with these skills couldnt care less about your D3 account.

Originally posted by Mephster

Yeah ok Blizzard. I like your games but your business practices are just poor as hell. It is so much easier to blame the next guy when Diablo 3 has a ton of issues right now.

 

Link: http://www.incgamers.com/News/31394/diablo-3-hacks-are-not-a-blizzard-problem-state-blizzard 

 

Actually, the burden of proof is on the people making the charge to substantiate it.    Getting hacked when you have an RMA token isn't easy.  Possible, but not easy, and most likely, not worth the trouble.

I believe Blizzard when they say nobody with an authenticator got hacked.  And I still disagree with their absurd DRM, their RMAH, and their general approach to things as of late.