The latest news on the Diablo III fallout sees Blizzard issuing a much longer, more in-depth statement regarding accounts being "hacked" or infiltrated, as well as how secure gamers are while playing Diablo III online.
CVG picked up on the latest post from a Blizzard community manager on the official Battle.net forums, where the post states that...
"...the number of Diablo III players who've contacted customer service to report a potential compromise of their personal account has been extremely small,"... "In all of the individual Diablo III-related compromise cases we've investigated, none have occurred after a physical Battle.net Authenticator or Battle.net Mobile Authenticator app was attached to the player's account, and we have yet to find any situation where a Diablo III player's account was accessed outside of "traditional" compromise methods (i.e. someone logging using an account's login email and password)."
Some gamers have claimed that even though they had an authenticator activated, their account was still hacked. Blizzard says that's not the case, as stated above.
There have been huge debates over the way Diablo III players have been hacked, with some self-proclaimed hacking enthusiasts saying that gaming websites are getting it wrong and that what's really happening is that there is a measure of session spoofing going on, which is basically a hacker using a very complex measure of tools and methods to take over another gamer's session ID, and thus, gain access to their account. This is also known as a "man in the middle attack".
Plenty of other gamers have come out to shoot down the idea of session spoofing, saying it's just "scare tactics" and "rumor mongering" to spread misinformation about the severity of the accounts being infiltrated. Both are claims based on speculation, and until actual evidence surfaces it's Blizzard's word against the hack victims.
What's more is that this has turned into a raging debate over always-on DRM. Across the interwebs there are discussions going on right now about whether people would even have to deal with this if there was at least an offline mode with the restriction of keeping offline characters, well offline. However, we all know that the always-on DRM for single-player is to enforce everyone to have access to the Real-Money Auction House, Blizzard's pride and joy for Diablo III, which has been delayed again.
Even more than that, this furthers the debate of how much anti-consumer abuse gamers are willing to take before they finally say "enough is enough". I know there are some people already saying that you should be saying "enough is enough".
Removing the consumer option to own the product like traditional game media is something many top publishers within the industry would probably love to standardize.
The idea of consumers paying retail prices to lease a service for single-player titles is a mouth-watering concept for most big publishers. Right now it's looking like that's a future that might become a real possibility, especially with how many people are willing to brush off the hassle of always-on DRM as well as the "extremely small" amount of hacked accounts that inevitably follow, just so that they can play their favorite game.