Diablo III Hacking is Real, Check Your Accounts

Earlier in the week, we brought you word that at least some Diablo III accounts are being hacked, looted of all their possessions, and left for dead. And it's easy to look at a report like that and think, "Hey, I'm a tech savvy guy who is conscious about computer security, uses a variety of tough passwords, and never clicks on anything even remotely close to resembling a phishing scam." Well, I'm here to tell you that Diablo III hacking is real, and your account likely isn't safe even if you've taken such precautions.

How do I know this? Because while playing at approximately 12:30am CST in the wee hours of the morning, I was booted off with a message that someone else had logged into my account. Thinking it was just a misreported crash error, I logged back in, only to be booted again - and this time the hacker changed my password. In the time it took me to use the account recovery process on the Battle.net website, the hacker managed to get my gold (over 100k), all my gems, and several items from my stash. Fortunately, I managed to kick them out before they were able to get everything from my stash and the items my level 53 wizard was actually wearing. So even though I use a different password for everything I log into, and I use tough alphanumeric passwords that aren't based on dictionary words, some bastard was able to make me experience my first account hacking in over 25 years of online gaming.

To be fair to Blizzard, one thing I wasn't doing was using their authenticator or Battle.net SMS protection options. But since I'm not a World of Warcraft player and have never experienced any sort of online hacking attempts in the past, it never dawned on me that these were a necessity. You can bet that I'm now using both, and I have to wonder why these aren't a requirement for everyone given the mass exodus or PR nightmare that widespread hacking could cause for the company.

Anyway, the point of this newsbit is to at least make our audience aware that hacking IS happening, and to encourage everyone to take whatever steps necessary to protect their account. If you don't want to lose your items and gold (or even have them delete a character, which they could also do), then go change your password to something tougher and sign up for both security options. The party (or parties) involved are likely using brute force to determine passwords since a) your Diablo III password isn't case sensitive and b) the game allows unlimited password attempt retries, but hopefully these steps will at least deter them for awhile... or until Blizzard implements tougher security.

Also, don't just take my word for it. Last night seems to have been a field day for the thieves, as a slew of posts on both the US forums and EU forums are full of nearly identical stories to my own that have been posted over the last 12+ hours. Isn't online-only DRM fun?