If Blizzard wasn’t having enough problems already, with Diablo 3’s overloaded servers and ridiculous anti-piracy measures, news is filtering through of mass account hacks. Remember; this is a single (or at most four-player) game that had no reason to be online-only beyond Blizzard’s increasingly ludicrous concerns about piracy.
Our friends over at Eurogamer have already experienced this, with writer Chris Donlan (an infrequent PC gamer, who probably didn’t implement particularly solid security techniques) having his account taken by hackers. Looking around the web, it’s obvious this isn’t an unusual occurence - there are multiple warnings about accounts being taken over. My own long-dormant World of Warcraft account was hacked last year - unusual, given I’d not logged into for several years, so that the hack felt like it must have been from Blizzard’s end.
Blizzard has responded to the hack stories and to the implication that Blizzard values its own protection from piracy more than our ability to play the game we bought; “We've been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring," he said. "Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password.”
Notably, though commentors and forum members on several sites are saying that their accounts have been hacked _despite_ having attached authenticators. It’s been suggested that player’s session identifiers are being hijacked and the accounts transferred at that point. If true, that would indicate a more fundamental security flaw on Blizzard’s behalf.
Why do hackers target Blizzard’s games so much? Well, as Donlan’s case evinces, there’s a thriving black market for accounts that already have levelled up characters, or characters with existing subscriptions. Blizzard’s delay in introducing their announced paid-for items trading system in the game (and their design decision to make all characters inside a class essentially identical) means that the incentive to cheat is huge - especially if the only way you can be punished is by having the account taken away again.
To stop your account being hacked, the quickest route is to get an authenticator on your mobile phone. It’s free and, once installed, reduces the chance of account theft massively. Beyond that, change your password regularly, keep your PC spyware-free (we recommend Malwarebytes for a deep clean) and log in often.
Image courtesy of http://vizzzual.com/