Reports have been coming in that hackers are able to get session IDs from public games and access your accounts via this method. This means even if you have an authenticator, you may not be safe. Blizzard will be posting with an update on the issues as soon as they can. Until then, try to avoid public games, just in case.
Originally Posted by Bashiok
We've been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring. Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password. While the authenticator isn't a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand.
Battle.net® Account Security & Diablo® III
Originally Posted by Blue Tracker / Official Forums) (
We also wanted to reassure you that the Battle.net Authenticator and Battle.net Mobile Authenticator (a free app for iPhone and Android devices) continue to be some of the most effective measures we offer to help players protect themselves against account compromises, and we encourage everyone to take advantage of them. In addition, we also recently introduced a new service calledBattle.net SMS Protect, which allows you to use your text-enabled cell phone to unlock a locked Battle.net account, recover your account name, approve a password reset, or remove a lost Authenticator. Optionally, you can set up the Battle.net SMS Protect system to send you a text message whenever unusual activity is detected on your account, keeping you aware of important (and possibly unwanted) changes.
For more information on the Authenticator, visit http://us.battle.net...thenticator-faq
For more on the Battle.net Mobile Authenticator, visit http://us.battle.net...thenticator-faq
For more on Battle.net SMS Protect, visit http://us.battle.net...net-sms-protect
We also have other measures built into Battle.net to help protect players. Occasionally, when Battle.net detects unusual login activity that differs from your normal behavior -- such as logging in from an unfamiliar location -- we may prompt you for additional information (such as the answer to one of your security questions) and/or require you to perform a password reset through the Battle.net website. World of Warcraft players might be familiar with this security method already, and Diablo III players may begin to encounter it as well.
As always, if you think you've been the victim of an account compromise, head to the "Help! I've Been Hacked!" tool at http://us.battle.net/en/security/help for assistance.
Originally Posted by (Official Forums)
We are very aware of these reports and are taking them very seriously. Please keep an eye on the General Discussion forums as Community members will be posting something soon.
If you have been hacked, please contact Customer Service as soon as you can. In addition, using an Authenticator can help secure your account even more.