I am on a Mac and check for software updates every day, and last night I was offered a Java security update that was supposed to address a security vulnerability with the Java plug-in for the Safari web browser. Who knows, maybe that's how my account managed to get compromised.
Just FYI, and this isn't criticizing you: I play on a Mac, I work in IT security, and know how to keep things clean w/o an authenticator...but I've had one for a couple years now, because it's like locking your car. Not foolproof, but if they're just looking to grab loose stuff out of the unlocked vehicles, they're going to pass me by. And that's how that hackers are, too. They're not going to fool with hacking past authenticators (look up man-in-the-middle, you still have to be compromised on your end) when they have all those new accounts with no locks ripe for the picking just after launch.
(speculation) I wonder how many of those accounts were beta accounts that they compromised during that time, and didn't do anything till the real game came out.
I was aware that an authenticator was a good idea, and that I really should get one, but as I said I was relying on the age-old "it won't happen to me" security plan, or perhaps the "I'm too smart and good-looking for it to happen to me" security plan. Obviously there were a few holes in my plan. I knew that, which is why I wasn't arrogant enough to fill up 7 pages of this thread with angry statements blaming Blizzard's security.
Personally, I am viewing this as a lesson well learned. The game had been out for less than a week when this happened. My highest character was only level 26 - everything that was stolen was easily recovered in a day or two of farming. I've now attached an authenticator, I've already recovered from the items and gold theft, and am not going to let this ruin my enjoyment of the game.
I have not posted in this thread since starting it because I had nothing new to add - I had done and continue to do everything possible to be careful with my internet security, but I did not have an authenticator so could not claim with any certainty if the problem was on my end or Blizzard's end.
I am on a Mac and check for software updates every day, and last night I was offered a Java security update that was supposed to address a security vulnerability with the Java plug-in for the Safari web browser. Who knows, maybe that's how my account managed to get compromised.
I've learned an important lesson about not relying on the "it won't happen to me" security plan and have attached an authenticator, which I of course should of had from the start. I consider the issue closed, and suggest all those who were 100% adamant that their security was fool-proof and the problem was with Blizzard to be more open-minded and wait for all the information before rushing to judgment in the future.
Sorry if there is already a topic on this (I didn't see one), or if I'm posting this in the wrong place.
In case you aren't aware, there has been quite a number of reports of accounts being hacked on the Us servers. The thread on the bnet forums has reached 21 pages at the time of this writing (http://us.battle.net...49008518?page=1), and there is also an article about it at http://www.examiner....diablo-3-hacked
Unfortunately I was one of those hacked. I logged in today to find all the items on the character I had last played gone, my gold gone, and my stash cleaned out. All other characters still had all their gear and items in their inventories. Blizzard offered a limited restore that would likely cause me to lose progress on other characters. If I took the restore they would ban my account from the RMAH until I attached an autenticator, and if a second restore was ever necessary my account would be permanently banned from the RMAH.
There seems to be some question at the moment if the vulnerabilities were client-side or server-side. Many people, including myself, are quite certain that they have never shared their account details and that their computers are free of viruses and spyware. A few people have even claimed that their accounts were hacked despite using the authenticator, including the author of the article I linked. Many people in the bnet thread have said that Blizzard has stopped responding to tickets about this, so I suspect they are investigating further to try to figure out what's going on.
Rollback Post to RevisionRollBack
To post a comment, please login or register a new account.
I was aware that an authenticator was a good idea, and that I really should get one, but as I said I was relying on the age-old "it won't happen to me" security plan, or perhaps the "I'm too smart and good-looking for it to happen to me" security plan. Obviously there were a few holes in my plan. I knew that, which is why I wasn't arrogant enough to fill up 7 pages of this thread with angry statements blaming Blizzard's security.
Personally, I am viewing this as a lesson well learned. The game had been out for less than a week when this happened. My highest character was only level 26 - everything that was stolen was easily recovered in a day or two of farming. I've now attached an authenticator, I've already recovered from the items and gold theft, and am not going to let this ruin my enjoyment of the game.
I am on a Mac and check for software updates every day, and last night I was offered a Java security update that was supposed to address a security vulnerability with the Java plug-in for the Safari web browser. Who knows, maybe that's how my account managed to get compromised.
I've learned an important lesson about not relying on the "it won't happen to me" security plan and have attached an authenticator, which I of course should of had from the start. I consider the issue closed, and suggest all those who were 100% adamant that their security was fool-proof and the problem was with Blizzard to be more open-minded and wait for all the information before rushing to judgment in the future.
In case you aren't aware, there has been quite a number of reports of accounts being hacked on the Us servers. The thread on the bnet forums has reached 21 pages at the time of this writing (http://us.battle.net...49008518?page=1), and there is also an article about it at
http://www.examiner....diablo-3-hacked
Unfortunately I was one of those hacked. I logged in today to find all the items on the character I had last played gone, my gold gone, and my stash cleaned out. All other characters still had all their gear and items in their inventories. Blizzard offered a limited restore that would likely cause me to lose progress on other characters. If I took the restore they would ban my account from the RMAH until I attached an autenticator, and if a second restore was ever necessary my account would be permanently banned from the RMAH.
There seems to be some question at the moment if the vulnerabilities were client-side or server-side. Many people, including myself, are quite certain that they have never shared their account details and that their computers are free of viruses and spyware. A few people have even claimed that their accounts were hacked despite using the authenticator, including the author of the article I linked. Many people in the bnet thread have said that Blizzard has stopped responding to tickets about this, so I suspect they are investigating further to try to figure out what's going on.