In my opinion this is simply not true. It is possible. The costs and logistics involved may be prohibitively large to the point that Blizzard decides it's simply not worth it, but it could be done.
Except it is true through actual facts. What hes saying isnt an opinion but rather fact. Hacks are created using the client side information. You will rarely if EVER see a server side hack for games unless there is virtually no security between the client and the server.
For example, in warcraft III all ladder maps are downloading to your computer, which in tern created maphacking because this was a client side situation were hackers had full access to all maps and originally this was client sided until it was patched by blizzard. However gold/lumber and food count were unable to be edited online through battle.net because that is server sided information. Which is why you have never seen a gold/lumber/food hack for ladder play on that game.
League of legends is the best proof out there that a game with a server side architecture (always needing an internet connection) with over 15 million registered users of which 1.3 million actively log on every day is capable of keeping a HACK free environment even with an immense user base.
A game that is based online is also more secure this is fact now not opinion, as even if the game WAS hacked it is possible to re-check all data of the game data prior to logging on, which is what League of legends does, WoW does, Starcraft II and even Diablo III will be doing.
I understand that if they simply take the online, server-side code and make it freely available by including it in an offline client, they're opening a can of worms and creating a playground for hackers and cheaters. What I'm saying is what is stopping them from modifying the server-side code to the point where it is no longer compatible with the original server-side code (which would still be used for the online play), then releasing an offline component with modified 'server-side' code.
Basically, the extreme of what I'm saying is two completely separate games (in terms of coding, not gameplay) - obviously in such a case hacking one would not impact the other. Now what I'm suggesting is finding the sweet-spot where the code only needs to be modified enough to keep the additional resource cost low enough to be viable, while creating an offline mode distinct enough to be virtually useless in cracking the online server-side code.
Hopefully you can understand what I'm trying to get across. Like I said, the costs and logistics of creating and supporting distinct coding/modes maybe be large enough that Blizzard writes it off completely, but in my opinion if any company could and would innovate such a system, Blizzard and D3 would be the perfect guinea pig.
I don't know very much about encryption methods, but outside of the coding I believe the same principle could be applied to how the various data is encrypted and relayed between the client and server. Make the offline encryption / data-storing methods distinct enough that cracking and understanding how they function does not provide a large amount of insight into how to exploit the online server-side functionalities.