1.) 99.9% of all accounts that get hacked are from keylogged players. the 0.01% is brute forced accounts that have no authentication security. A lot of people do buy authenticators from e-bay or other sites due to account stealers who buy out the inventory of the blizzstore, thus making said people stupid and have no right complain about accounts being hacked. (Use mobile Authentication, it's free...).
2.) Some WoW add-on's have been "updated" since the release of diablo 3, with this allows keylogging, if you do Play World of Warcraft with lots of add-on's then expect yoru account to be hacked. If you do not play world of warcaft then you have nothing to worry about in this area.
3.) Website advertising. There are tons of "fansites" that have advertising that may contain malicious scripts that install keyloggers and send information to a sql database, mirc chat server or to a email address. All scripts are Java based exploits, to which you are at risk. "Note: not all AV programs will detect these exploits til after the damage is done".
4.) Blizzard representatives have said that the rolling restarts and server fixes can effect characters on players accounts. Like in any game. A fix and break something else like a user database. I should know this, as I am a programmer and stuff like that happens.
5.) Attention all Mac users! You can get malware now! You are no longer invunrable to keyloggers as hackers figured your systems out now!
For those who are getting hacked... It is for certain that it is your fault. Claiming that you did nothing wrong is just foolish rage. Admit that you went to a site that may have a exploit on it, or that you downloaded a "third party program", like the "MAPHACK" that I've seen floating around on sites, or that you shared your password with a online friend to who you think is "trustworthy", or that you "forgot" not log out at a cyber cafe after playing and someone ransacked your account.
My account was bring brute forced, I found this out as for a solid day whenever I logged into the b.net site to post on forums and such it always said "Too many failed attempts", I also got a mobile notification that someone was resetting my password. Which anyone can do if they know your email address.
I highly recommend to use different passwords for your e-mail and game accounts. Also frequently change your passwords. If you find anything suspicious about your account. Like billing info has changed and any other profile changes then ofc, get in contact with blizzard.
I agree partly with this. I also disagree strongly with your blanket statement. There are probably tons of scamming efforts already out there to get your information. So yes. Beware of what you're doing online. You are the first line of defense for your own account security.
HOWEVER, without any sort of proof, it is foolish to make any sort of claim proclaiming the proportion of players who are guilty of being tricked (and not "hacked"). That "99.99%" is total nonsense, nobody other than Blizzard knows anything about the real stats.
So stop saying its all the gamer's faults until we hear something official from Blizzard regarding this. We don't know the extent of the problem (if there is one) yet. With the TINY BIT of knowledge we get from the extremely small cross section of the Diablo 3 population we have, its could be just as likely that the players affected are suffering from an exploit as from downloading keyloggers by accident. Who knows.
It adds nothing and is a logically unsound argument to dismiss the problem as either entirely Blizzard's or the gamers fault because we have nothing really to go on. We can only make assumptions.... assumptions that have no real "proof" to back them up, only anecdotal stories and personal experience. And those DO NOT, I repeat, DO NOT, count as solid evidence at all. So lets stop the blanket statements please. It only serves to incite and doesn't help the problem at all.
Except the Blizzard is LEGALLY REQUIRED BY LAW to report any and all security breaches of their product, either external or internal, both to the authorities and to the client base.
WoW had some mass hackings awhile back, and one of my good friends (who was also my GM) got hacked. This friend had so much security on their computer it was silly, and I can say for certainty without a doubt that they did not visit questionable sites... ever. However because of this my friend thought they never needed an authenticator. They hadn't been hacked in their entire gaming career, which was pretty long.
Blizzard investigated and there was no evidence to any tampering. Yet everyone was still blaming Blizzard's "crappy" security... which had not been penetrated. Meanwhile, all the people who got hacked didn't have an authenticator. Basically, a couple of weeks of hackings later, it was found that there was a vulnerability in flash that let them keylog you IF YOU HAD FLASH PLAYER ON YOUR COMPUTER (Basically 100% of WoW players) and your account was vulnerable if you didn't have an authenticator.
Moral of the story: Get an authenticator. OP didn't have an authenticator and is making the story up. Only way to hack an authenticator protected account is theoretical, and nobody's actually done it yet. Well unless you buy your authenticator off ebay or some other questionable site that isn't the Blizzard store to get it for "cheaper", then it's your own fault for getting a compromised authenticator.