More from Blizzard on Account HackingPosted 26 May 2012by
Players continue to report accounts that have been stripped of their valuables, and Blizzard continues to say “Sorry, but we can do anything more than give you security suggestions and tell you to use an authenticator.” Despite rumors about Battle.net being compromised and players with authenticators getting cleaned out, Bliz continues to say that every single report they’ve looked at has been accessed via the account/password, just like you do to your own account, which seems to mean it’s all being done with key loggers and social engineering.
Blizzard can roll back your account if you were hacked, if their investigation shows that it was accessed from a distant IP# and stripped that way. Use this page to submit such a claim, but be prepared to wait a few days when you can’t play, since the fix is to roll your account back to where it was when you were “hacked” which means any progress since then will be erased. Players are reporting something of a wait for this service, which isn’t real surprising given the amount of claims, and the fact that Bliz tech support has to investigate them all individually, since you know people as are trying to abuse the system by dumping all their stuff on a friend’s account and then petitioning for a rebate.
Here’s Bashiok replying to a typically angry poster who is convinced of conspiracy theory evils.
This title is mainly to get as many people to view this as possible, because attacking your poor Blizzard gets you all in a huff. Anyway, just a little something to shed light on this recent failure.
We’ve already made a statement here.
1) Hacking via SQL injection as stated in the article, not an issue with unprotected home computers as some have suggested.
We’re well aware that someone posted an idea once and it has been picked up and reposted as fact by more than a few people. It’s unfortunate.
2) Accounts with authenticators have still been compromised.
We have yet to have a single report of account compromise in which an authenticator was attached beforehand, this is absolutely false. While an authenticator does not guarantee 100% protection, one has not been found on a single account that has reported a compromise. We’d appreciate people stop spreading rumors.
5) You might want to remove any authenticator you have, because even those have proven not to work as a full proof security measure.
6) If you are really paranoid, drop your valuable items somewhere that a hacker wouldn’t know to look if they gained access to your account, not really recommended.
I don’t honestly even know what to say to either of these.
If you want to improve your account security please visit www.battle.net/security and follow the steps there, ensure your battle.net email address and password are unique (you’re not using them in other places), you have an authenticator attached, and in the event you have been compromised please follow the instructions in the thread I linked above.
There are some laughs to be had, at least. I didn’t think I’d ever say that Bashiok had just pwned someone, but how else would you describe this reply?
It seems that if you have a level 60, authenticator or not, you will lose all of your items. It finally happened to me, 4 hours after I hit level 60 on my first character. Blizzard needs to do something about this. Take the damn servers down until you find the exploit, if you have to.
Bashiok: You do not currently have an authenticator attached to your account. If your account has been hacked please follow the steps here.
Since I’m curious, here are a couple of quick polls to measure how prevalent the hacking is, and to see who you guys think is to blame.
Has your Diablo III account been "hacked?"
- 2) Nope, no problems. (88%, 3,461 Votes)
- 3) Not mine, but a friend was hacked. (7%, 285 Votes)
- 1) Yes and I was robbed (5%, 206 Votes)
Total Voters: 3,952
Who is to blame for the D3 account "hacking."
- 1) Users without adequate security measures. (72%, 2,284 Votes)
- 4) Blizzard for online-only DRM forcing us to play on Battle.net (15%, 472 Votes)
- 2) Battle.net is getting hacked directly. (7%, 217 Votes)
- 3) Blizzard should have required more user security. Mandatory authenticators? (6%, 178 Votes)
Total Voters: 3,151
None of this changes the unfortunately reality that many players, through virtually no fault and certainly no intention of their own, are getting robbed. Typical sad post:
I was on last night after being off the game for about a week. I noticed all my crafting materials were gone. that’s not too big of a deal to me. but the part where I log back on this morning and absolutely every single item on my level 46 Demon Hunter is gone. that’s about 30 hours of gameplay on this guy and all I have to show for it is his level. I am not pleased.
I love the game and I really want to keep playing it. but I would have to spend at least another 10 hours of my life to find half decent items for my guy. I would like it if someone from Blizzard could roll back my account to last night/early this morning because I just want my items back
The account appears to have been compromised. Unfortunately we’re unable to assist directly with account issues like this in this forum. The most we can do is suggest you make sure your computer is secure from viruses and other malware that could be the cause of the compromised.
Also, we do have a proper way to report compromised accounts through our support site. When creating a ticket, you’ll be guided through that process.
For information on both of these things, please check here.