Diablo III Post-Launch Update
Blizzard has just posted a post-launch update on hotfixes, the real mony auction house, and account security. It also looks like the RMAH has been pushed back again past May. This time with no release date.
We’d like to address some of the ongoing concerns from the Diablo® III community since the game went live last week, and go into more detail about how we plan to tackle some of the lingering post-launch issues so players can focus on what they want to be focused on -- playing Diablo III.
Hotfixes, Upcoming Patch, and Ongoing Issues
Since the game’s launch, we’ve applied a number of hotfixes to address gameplay issues, made tweaks to improve our service stability, and performed occasional server maintenance when necessary to ensure that in the long term, players have the best gameplay experience possible. Moving forward, additional server maintenances will be required -- and sometime next week, we plan to release a game update in the form of a patch that will further address client issues and apply additional bug fixes.
We also wanted to let you know that we’re still looking into the best way to address the achievements that some players lost in the hours following the game’s release. While we don’t have any concrete details to share with you just yet, we will have more information to share in the weeks ahead. We appreciate everyone’s patience as we work to improve stability and usability for all players.
Real-Money Auction House Coming Soon
In light of the post-launch obstacles we’ve encountered, we have made the decision to move the launch of the real-money auction house beyond the previously estimated May time frame. As we mentioned in our original announcement, our goal has always been to ensure everyone has the smoothest experience possible when the real-money auction house launches, and we need a bit more time to iron out the existing general stability and gameplay issues before that feature goes live. While we don’t have a new launch date to share just yet, we’ll have more information soon.
Battle.net®/Diablo III Security Concerns
Over the past couple of days, players have expressed concerns over the possibility of Battle.net® account compromises. First and foremost, we want to make it clear that the Battle.net and Diablo III servers have not been compromised. In addition, the number of Diablo III players who’ve contacted customer service to report a potential compromise of their personal account has been extremely small. In all of the individual Diablo III-related compromise cases we’ve investigated, none have occurred after a physical Battle.net Authenticator or Battle.net Mobile Authenticator app was attached to the player’s account, and we have yet to find any situation where a Diablo III player's account was accessed outside of “traditional” compromise methods (i.e. someone logging using an account's login email and password).
To that end, we’ve also seen discussions regarding the possibility of account compromises occurring in ways that didn’t involve these “traditional” methods -- for example, by “session spoofing” a player’s identity after he or she joins a public game. Regarding this specific example, we’ve looked into the issue and found no evidence to indicate compromises are occurring in this fashion, and we’ve determined the methods being suggested to do so are technically impossible. However, you have our assurance that we’ll continue to investigate reports such as these and keep you informed of important updates.
The best defense against account theft still includes smart password management (e.g. using a unique password for every site/service and keeping your password to yourself) and scanning for malware and viruses regularly, as well as following additional preventative steps found here. In the end, while no security method is 100% foolproof, the physical Battle.net Authenticator andBattle.net Mobile Authenticatorapp are great ways to provide your account with an extra layer of protection.
We hope this update has addressed some of the concerns you’ve had. In the end, we simply want all of our players to be able to fully enjoy Diablo III, and we’ve been working around the clock to address issues as quickly and efficiently as possible. We appreciate your continued support and enthusiasm, and we hope you and your friends are having a blast slaying Sanctuary’s demons.
Can you address the concerns about class balance, end game, and itemization next?
We'll be addressing these as we can, just not in this particular post. We're not going anywhere and we're all in this for the long haul.
Hotfix patch notes please?
We'll be adding hotfix notes here as they are added in. We'll do our best to update it as quickly as possible.
My account was compromised and I was offered a limited account restoration to which I accepted. This was about 48 hours ago, I was wondering if you had any information on about how long this process takes b/c I'd really like to start playing again!
I can't really answer that for you with a specific time frame. I do know that our customer support team is working as quickly as possible to address this for anyone who has been compromised. Hopefully we'll have you back to demon slaying soon.
BTW, for all those sharing any feedback on game changes, these would be best served in an existing discussion thread just so that we can find this feedback more easily. We appreciate those who have constructive feedback to share with us and we'll do our best to keep you as updated as possible. Just keep in mind that we may not always have immediate answers to share, but that doesn't mean we aren't paying attention.
I think this will hopefully convince people to not believe rumors that start on GAMEFAQS (of all places, jeeze).
And as I've said before - they should have never called the Dial-In Authenticator an Authenticator. It barely works at all and certainly is not remotely hack-proof. It apparently leads to situations like this where people with "Authenticators" (lol dial-in) get hacked and then people with real ones get worried.
Great my account was hacked and now i cant login again, couse they changed the password, i have gotten two mails from blizzard to continue a restore of my account, by LOGING on to my account, that i CAN'T login on... fucking great, no spyware, no virus, no keylogger on my computer... thanks blizz. probably want me to buy an other copy so it can be hacked again.
So now we know the truth. The people losing stuff have taken absolutely no precautions to anti-hack measures. Good for you guys, keep spamming the forums about how Blizz sucks and you never visited any sites looking for hacks to play the game which resulted in you getting a nice keylogger because you're also too cheap to install some virus and internet protection.
It's rather irritating to read people still posting they got hacked when in the reality of things a 5 dollar item or downloadable app would handle all these problems. I'm going to err with Blizzard on this one, get some protection. It's not that they are looking to make more money, they are implementing something to protect their customers and the stupid. 12 years of Blizzard games and not a single loss of items due to hacking. And in all of their games I've routinely been someone you would want to hack, that is, one of the wealthiest players in their games... it's what I do. I got my authenticator as soon as possible (when they weren't running out of stock). Annoying to use sometimes, but guess what? I'm not one of the people sitting around waiting on account restoration, my free gaming time is worth more than 5 bucks!
And I'm no fanboy, I'm more critical of this game and the company than I've been in any game of theirs in the past.
So now we know the truth. The people losing stuff have taken absolutely no precautions to anti-hack measures.
I don't think you can say no precautions have been taken by these players (at least not all of them). Quite a few hacks are sophisticated enough to sneak past the most popular (although probably not the most effective) anti-virus programs, both paid and free.
EDIT: There's also the myth of "I only browse legit websites". That simply is not a precaution that matters in this day-and-age. Many mainstream websites have accidentally hosted infected ads, and even Google lists sponsored ads designed to target player accounts - particularly WoW!
I don't know about you, but I think that Blizzard's official notice is a lot more reliable than random people in the internet.
If Blizzard was lying about this there would be lots of topics in these or the official forums with at least a screenshot of the authenticator confirmation e-mail before the hacks.
People are just losing their minds because of their own lack of security and trying to make people believe that this is not their fault.
I don't know about you, but I think that Blizzard's official notice is a lot more reliable than random people in the internet.
If Blizzard was lying about this there would be lots of topics in these or the official forums with at least a screenshot of the authenticator confirmation e-mail before the hacks.
People are just losing their minds because of their own lack of security and trying to make people believe that this is not their fault.
I'm sorry, but it was only an example. I didn't want to flood it here, but if you search, you'll find pretty similar reports on these hackings... People with authenticators... Blizzard's replying tickets saying there was no evidence of the account being hacked... People with level 1 characters on the Recent Played list... Many of them.
A close friend of mine was hacked, after playing in a Public Game, and a level 1 character appeared in his Recent Played list (which he didn't play with before). He didn't have an authenticator, but he's very knowledgeable with computers and was never hacked before.
So, it's all just evidence... I just wish they would investigate further, as they said they will, but without ignoring these evidences.
I'm sorry, but it was only an example. I didn't want to flood it here, but if you search, you'll find pretty similar reports on these hackings... People with authenticators... Blizzard's replying tickets saying there was no evidence of the account being hacked... People with level 1 characters on the Recent Played list... Many of them.
A close friend of mine was hacked, after playing in a Public Game, and a level 1 character appeared in his Recent Played list (which he didn't play with before). He didn't have an authenticator, but he's very knowledgeable with computers and was never hacked before.
So, it's all just evidence... I just wish they would investigate further, as they said they will, but without ignoring these evidences.
Look at the Customer service forums and filter by blue post. They've been responding to almost every person who claims to be hacked by authenticator. The threads go like this: "WOW All these peepls gettin hacked, happesn to me too and I have an authenticator"
Blue: "You never have had an authenticator on that account"
Original poster never comes back
That happens over and over and over again. They've specifically investigated the ones claiming to have authenticators and found that none of them of had "true" authenticators (dial-in ones don't work worth shit). They have to investigate this seriously and they spent over 2-3 days before they even responded - obviously, they've been checking everything that was said and taking it very seriously.
The reason the level 1s are in the list is simple: when they hack your account, they give it to the level 1 because there is no mail system. That level 1 gives it to another and so on and so-forth. Your friend may know a lot about computers, but if he does he should know that safe computer practices are never enough if you don't constantly update flash and java (both types of flash) as new vulnerabilities pop up all the time. There have been several huge hacking waves in WoW where people claimed Blizzard was hacked but in reality Adobe Flash had a new vulnerability.
The Public session theory is even more silly. When that theory came out, there were tons of exceptions to that theory quickly uncovered, so the people supporting it said "Oh, they probably can hack private sessions too, so just don't make ANY GAMES". That's like me saying that people with left-hands play great basketball, then somebody with a right-hand proving they did too, and then me revising my statement to say "oh and right-handed people too".
The reason you find this "evidence" all over the internet is because people like you post it as evidence everywhere you go. Somebody could link this thread if we didn't try to refute your claims and say "look there's another guy saying he saw people with authenticators being hacked". Everyone is just repeating the same thing across different forums and then they point to the number of times they've repeated it as evidence that it is more true. It's ridiculous circular logic.
I want a single person to come forward as the bannerman for these supposed "authenticator hacks". I want him to post on the Battle.net forums and make a coherent post in modern English stating his circumstances. Is that so entirely unreasonable? I imagine if there were people who got hacked with an authenticator (that isn't Dial-In) and they were called liars (like I'm calling them now), they would at least make such a tiny effort like posting on the Battle.net forums.
I'm sorry, but it was only an example. I didn't want to flood it here, but if you search, you'll find pretty similar reports on these hackings... People with authenticators... Blizzard's replying tickets saying there was no evidence of the account being hacked... People with level 1 characters on the Recent Played list... Many of them.
A close friend of mine was hacked, after playing in a Public Game, and a level 1 character appeared in his Recent Played list (which he didn't play with before). He didn't have an authenticator, but he's very knowledgeable with computers and was never hacked before.
So, it's all just evidence... I just wish they would investigate further, as they said they will, but without ignoring these evidences.
Look at the Customer service forums and filter by blue post. They've been responding to almost every person who claims to be hacked by authenticator. The threads go like this: "WOW All these peepls gettin hacked, happesn to me too and I have an authenticator"
Blue: "You never have had an authenticator on that account"
Original poster never comes back
That happens over and over and over again. They've specifically investigated the ones claiming to have authenticators and found that none of them of had "true" authenticators (dial-in ones don't work worth shit). They have to investigate this seriously and they spent over 2-3 days before they even responded - obviously, they've been checking everything that was said and taking it very seriously.
The reason the level 1s are in the list is simple: when they hack your account, they give it to the level 1 because there is no mail system. That level 1 gives it to another and so on and so-forth. Your friend may know a lot about computers, but if he does he should know that safe computer practices are never enough if you don't constantly update flash and java (both types of flash) as new vulnerabilities pop up all the time. There have been several huge hacking waves in WoW where people claimed Blizzard was hacked but in reality Adobe Flash had a new vulnerability.
The Public session theory is even more silly. When that theory came out, there were tons of exceptions to that theory quickly uncovered, so the people supporting it said "Oh, they probably can hack private sessions too, so just don't make ANY GAMES". That's like me saying that people with left-hands play great basketball, then somebody with a right-hand proving they did too, and then me revising my statement to say "oh and right-handed people too".
The reason you find this "evidence" all over the internet is because people like you post it as evidence everywhere you go. Somebody could link this thread if we didn't try to refute your claims and say "look there's another guy saying he saw people with authenticators being hacked". Everyone is just repeating the same thing across different forums and then they point to the number of times they've repeated it as evidence that it is more true. It's ridiculous circular logic.
I want a single person to come forward as the bannerman for these supposed "authenticator hacks". I want him to post on the Battle.net forums and make a coherent post in modern English stating his circumstances. Is that so entirely unreasonable? I imagine if there were people who got hacked with an authenticator (that isn't Dial-In) and they were called liars (like I'm calling them now), they would at least make such a tiny effort like posting on the Battle.net forums.
Well, you have a good point. Although, the forums are not the right place to report these things. You just open a ticket and get it solved personally.
There are many that claim about being hacked with an authenticator just in this blue post topic... But it's just one of the similarities people have been reporting. What about the "no evidence your account has been compromised" one?
Anyway, I'll try to get someone who claimed that to post on the forums, then. I just want these weird things to be clarified.
Not that I ever planned on using the RMAH in any way, but I am mildly surprised that they've pushed it back until further notice.
I agree. With the way that AH is saturated with top tier gear from Act III - Act IV inferno at the moment, I think it would be unwise to release the RMAH.
I'm assuming that they want to wait to see how Inferno progress (and as such the availability of items) plans out over the coming weeks/months before releasing, so that the gold Auction House economy has time to settle.
Not that I ever planned on using the RMAH in any way, but I am mildly surprised that they've pushed it back until further notice.
Extremely happy that they are. The economy is currently in shambles until they fix the outrageously bad itemization.
Gold is too easy to farm and essentially worthless because great items are so cheap and an item based economy isn't even viable since blues are all over the place and the really rare drops are garbage
"the number of Diablo III players who’ve contacted customer service to report a potential compromise of their personal account has been extremely small"
"I can't really answer that for you with a specific time frame. I do know that our customer support team is working as quickly as possible to address this for anyone who has been compromised. Hopefully we'll have you back to demon slaying soon."
Interesting, so the number of people contacting customer service is extremely small, and yet my friend has been waiting for 2 and half days now not to mention over 30mins holding on the phone.....
If you ask me, the so called security thread is nothing but a sillyauthenticator-promotion!
Just login to your battle.net account. You will notice a warning-message that your account is not save. If you click on it you will see a big advertising page where to get a battle.net authenticator. Actualy it names you the a price and i wonder if there was more blizzard employees searching for the THREAD than creating all this marketing shit. Sorry Sir, thats my conspiracy theory for today... o.O
It's not a money making thing....and I would RARELY say that.
It saves you heartache (at the cost of a bit of a headache) and saves Blizzard money rather than make them money. The app is free and they charge too little for the authenticator to cover the cost of development and maintenance of both the app and the physical fob.
Not that I ever planned on using the RMAH in any way, but I am mildly surprised that they've pushed it back until further notice.
You do know this is Blizzard? This is why I was upset about hearing that the AH would not be at release and would be released "a week later". I know that means a month at the earliest and it's stupid. I want to sell my stuff while it's still rare... oh well.
You do know this is Blizzard? This is why I was upset about hearing that the AH would not be at release and would be released "a week later". I know that means a month at the earliest and it's stupid. I want to sell my stuff while it's still rare... oh well.
I know it's Blizzard; that's why I included the adjective "mildly".
If you have the physical or mobile authenticator (both of which major banks use and charge $30+ for) the chances of you being compromised are very, very small. I've personally examined the MSInfo files of nearly all of the handful of WoW players who have actually been compromised through an authenticator, and the sheer number of backdoor programs and other malware on their systems has been mind boggling.
There you go. Yes, I know he already clarified this data is from previously compromised WoW accounts, and not from this new wave of D3 compromises, BUT, it IS possible to bypass the authenticator.
Diablo III Post-Launch Update
Blizzard has just posted a post-launch update on hotfixes, the real mony auction house, and account security. It also looks like the RMAH has been pushed back again past May. This time with no release date.
Originally Posted by Blizzard (Blue Tracker / Official Forums)
Hotfixes, Upcoming Patch, and Ongoing Issues
Since the game’s launch, we’ve applied a number of hotfixes to address gameplay issues, made tweaks to improve our service stability, and performed occasional server maintenance when necessary to ensure that in the long term, players have the best gameplay experience possible. Moving forward, additional server maintenances will be required -- and sometime next week, we plan to release a game update in the form of a patch that will further address client issues and apply additional bug fixes.
We also wanted to let you know that we’re still looking into the best way to address the achievements that some players lost in the hours following the game’s release. While we don’t have any concrete details to share with you just yet, we will have more information to share in the weeks ahead. We appreciate everyone’s patience as we work to improve stability and usability for all players.
Real-Money Auction House Coming Soon
In light of the post-launch obstacles we’ve encountered, we have made the decision to move the launch of the real-money auction house beyond the previously estimated May time frame. As we mentioned in our original announcement, our goal has always been to ensure everyone has the smoothest experience possible when the real-money auction house launches, and we need a bit more time to iron out the existing general stability and gameplay issues before that feature goes live. While we don’t have a new launch date to share just yet, we’ll have more information soon.
Battle.net®/Diablo III Security Concerns
Over the past couple of days, players have expressed concerns over the possibility of Battle.net® account compromises. First and foremost, we want to make it clear that the Battle.net and Diablo III servers have not been compromised. In addition, the number of Diablo III players who’ve contacted customer service to report a potential compromise of their personal account has been extremely small. In all of the individual Diablo III-related compromise cases we’ve investigated, none have occurred after a physical Battle.net Authenticator or Battle.net Mobile Authenticator app was attached to the player’s account, and we have yet to find any situation where a Diablo III player's account was accessed outside of “traditional” compromise methods (i.e. someone logging using an account's login email and password).
To that end, we’ve also seen discussions regarding the possibility of account compromises occurring in ways that didn’t involve these “traditional” methods -- for example, by “session spoofing” a player’s identity after he or she joins a public game. Regarding this specific example, we’ve looked into the issue and found no evidence to indicate compromises are occurring in this fashion, and we’ve determined the methods being suggested to do so are technically impossible. However, you have our assurance that we’ll continue to investigate reports such as these and keep you informed of important updates.
The best defense against account theft still includes smart password management (e.g. using a unique password for every site/service and keeping your password to yourself) and scanning for malware and viruses regularly, as well as following additional preventative steps found here. In the end, while no security method is 100% foolproof, the physical Battle.net Authenticator andBattle.net Mobile Authenticatorapp are great ways to provide your account with an extra layer of protection.
We hope this update has addressed some of the concerns you’ve had. In the end, we simply want all of our players to be able to fully enjoy Diablo III, and we’ve been working around the clock to address issues as quickly and efficiently as possible. We appreciate your continued support and enthusiasm, and we hope you and your friends are having a blast slaying Sanctuary’s demons.
Can you address the concerns about class balance, end game, and itemization next?
We'll be addressing these as we can, just not in this particular post. We're not going anywhere and we're all in this for the long haul.
Hotfix patch notes please?
We'll be adding hotfix notes here as they are added in. We'll do our best to update it as quickly as possible.
My account was compromised and I was offered a limited account restoration to which I accepted. This was about 48 hours ago, I was wondering if you had any information on about how long this process takes b/c I'd really like to start playing again!
I can't really answer that for you with a specific time frame. I do know that our customer support team is working as quickly as possible to address this for anyone who has been compromised. Hopefully we'll have you back to demon slaying soon.
BTW, for all those sharing any feedback on game changes, these would be best served in an existing discussion thread just so that we can find this feedback more easily. We appreciate those who have constructive feedback to share with us and we'll do our best to keep you as updated as possible. Just keep in mind that we may not always have immediate answers to share, but that doesn't mean we aren't paying attention.
And as I've said before - they should have never called the Dial-In Authenticator an Authenticator. It barely works at all and certainly is not remotely hack-proof. It apparently leads to situations like this where people with "Authenticators" (lol dial-in) get hacked and then people with real ones get worried.
It's rather irritating to read people still posting they got hacked when in the reality of things a 5 dollar item or downloadable app would handle all these problems. I'm going to err with Blizzard on this one, get some protection. It's not that they are looking to make more money, they are implementing something to protect their customers and the stupid. 12 years of Blizzard games and not a single loss of items due to hacking. And in all of their games I've routinely been someone you would want to hack, that is, one of the wealthiest players in their games... it's what I do. I got my authenticator as soon as possible (when they weren't running out of stock). Annoying to use sometimes, but guess what? I'm not one of the people sitting around waiting on account restoration, my free gaming time is worth more than 5 bucks!
And I'm no fanboy, I'm more critical of this game and the company than I've been in any game of theirs in the past.
I don't think you can say no precautions have been taken by these players (at least not all of them). Quite a few hacks are sophisticated enough to sneak past the most popular (although probably not the most effective) anti-virus programs, both paid and free.
EDIT: There's also the myth of "I only browse legit websites". That simply is not a precaution that matters in this day-and-age. Many mainstream websites have accidentally hosted infected ads, and even Google lists sponsored ads designed to target player accounts - particularly WoW!
I don't know about you, but I think that Blizzard's official notice is a lot more reliable than random people in the internet.
If Blizzard was lying about this there would be lots of topics in these or the official forums with at least a screenshot of the authenticator confirmation e-mail before the hacks.
People are just losing their minds because of their own lack of security and trying to make people believe that this is not their fault.
I'm sorry, but it was only an example. I didn't want to flood it here, but if you search, you'll find pretty similar reports on these hackings... People with authenticators... Blizzard's replying tickets saying there was no evidence of the account being hacked... People with level 1 characters on the Recent Played list... Many of them.
A close friend of mine was hacked, after playing in a Public Game, and a level 1 character appeared in his Recent Played list (which he didn't play with before). He didn't have an authenticator, but he's very knowledgeable with computers and was never hacked before.
So, it's all just evidence... I just wish they would investigate further, as they said they will, but without ignoring these evidences.
Look at the Customer service forums and filter by blue post. They've been responding to almost every person who claims to be hacked by authenticator. The threads go like this: "WOW All these peepls gettin hacked, happesn to me too and I have an authenticator"
Blue: "You never have had an authenticator on that account"
Original poster never comes back
That happens over and over and over again. They've specifically investigated the ones claiming to have authenticators and found that none of them of had "true" authenticators (dial-in ones don't work worth shit). They have to investigate this seriously and they spent over 2-3 days before they even responded - obviously, they've been checking everything that was said and taking it very seriously.
The reason the level 1s are in the list is simple: when they hack your account, they give it to the level 1 because there is no mail system. That level 1 gives it to another and so on and so-forth. Your friend may know a lot about computers, but if he does he should know that safe computer practices are never enough if you don't constantly update flash and java (both types of flash) as new vulnerabilities pop up all the time. There have been several huge hacking waves in WoW where people claimed Blizzard was hacked but in reality Adobe Flash had a new vulnerability.
The Public session theory is even more silly. When that theory came out, there were tons of exceptions to that theory quickly uncovered, so the people supporting it said "Oh, they probably can hack private sessions too, so just don't make ANY GAMES". That's like me saying that people with left-hands play great basketball, then somebody with a right-hand proving they did too, and then me revising my statement to say "oh and right-handed people too".
The reason you find this "evidence" all over the internet is because people like you post it as evidence everywhere you go. Somebody could link this thread if we didn't try to refute your claims and say "look there's another guy saying he saw people with authenticators being hacked". Everyone is just repeating the same thing across different forums and then they point to the number of times they've repeated it as evidence that it is more true. It's ridiculous circular logic.
I want a single person to come forward as the bannerman for these supposed "authenticator hacks". I want him to post on the Battle.net forums and make a coherent post in modern English stating his circumstances. Is that so entirely unreasonable? I imagine if there were people who got hacked with an authenticator (that isn't Dial-In) and they were called liars (like I'm calling them now), they would at least make such a tiny effort like posting on the Battle.net forums.
Well, you have a good point. Although, the forums are not the right place to report these things. You just open a ticket and get it solved personally.
There are many that claim about being hacked with an authenticator just in this blue post topic... But it's just one of the similarities people have been reporting. What about the "no evidence your account has been compromised" one?
Anyway, I'll try to get someone who claimed that to post on the forums, then. I just want these weird things to be clarified.
It originated on Gamefaqs? O.O How the hell did it ever come this far.
I agree. With the way that AH is saturated with top tier gear from Act III - Act IV inferno at the moment, I think it would be unwise to release the RMAH.
I'm assuming that they want to wait to see how Inferno progress (and as such the availability of items) plans out over the coming weeks/months before releasing, so that the gold Auction House economy has time to settle.
Extremely happy that they are. The economy is currently in shambles until they fix the outrageously bad itemization.
Gold is too easy to farm and essentially worthless because great items are so cheap and an item based economy isn't even viable since blues are all over the place and the really rare drops are garbage
Originally Posted by (Blue Tracker / Official Forums)
"the number of Diablo III players who’ve contacted customer service to report a potential compromise of their personal account has been extremely small"
"I can't really answer that for you with a specific time frame. I do know that our customer support team is working as quickly as possible to address this for anyone who has been compromised. Hopefully we'll have you back to demon slaying soon."
Interesting, so the number of people contacting customer service is extremely small, and yet my friend has been waiting for 2 and half days now not to mention over 30mins holding on the phone.....
It's not a money making thing....and I would RARELY say that.
It saves you heartache (at the cost of a bit of a headache) and saves Blizzard money rather than make them money. The app is free and they charge too little for the authenticator to cover the cost of development and maintenance of both the app and the physical fob.
You do know this is Blizzard? This is why I was upset about hearing that the AH would not be at release and would be released "a week later". I know that means a month at the earliest and it's stupid. I want to sell my stuff while it's still rare... oh well.
I know it's Blizzard; that's why I included the adjective "mildly".
There you go. Yes, I know he already clarified this data is from previously compromised WoW accounts, and not from this new wave of D3 compromises, BUT, it IS possible to bypass the authenticator.