The one thing that starts and ends most discussions on the Battle.net forums right now is "Get an authenticator". The idea behind the authenticator is that it lessens the risk of being hacked while playing any of Blizzard's games online.
Blizzard moderators have consistently said that getting an authenticator is a surefire way to protect yourself from an account breach. Well, Examiner Mark Casino is reporting that a week after having his account attached to an authenticator, his account was hacked.
It's not clear if it was a mobile authenticator or a physical authenticator, or if he tried to use a dial-in authenticator or the SMS option, in which case the latter two don't work with Diablo III.
Nevertheless, Casino states that...
"I got an authenticator hooked up to my account. And let’s be honest, whenever we buy a PC game and play it online, we don’t instantly think, “Oh, I need to go buy an authenticator before I play this game.”
This is reminiscent to another gamer who also claimed to have been hacked while having an authenticator attached, and inquired of Blizzard to explain how his account was breached. In a long back-and-forth, Game Master Carveille admits that they were not sure how the malicious access took place, which means that there is no guarantee that the account breaches are as plain and simple as Blizzard originally stated or as far and as few as they claim.
Ars Technica writer Aurich Lawson also was on the receiving end of having his account breached, but he chalked it up to not changing his password frequently enough and not having an authenticator attached. Forbes writer Paul Tassi argues the opposite end of the spectrum, claiming that authenticators shouldn't even be required to play a simple game...especially in single-player mode.
In the case of Examiner writer Mark Casino, he's more-so just curious about the same thing that everyone is curious about: how are these account breaches taking place? Ars Technica's Aurich Lawson tried prying the Blizzard representative about his account and how it was accessed but Blizzard basically just gave him the run around without specifying anything related to the actual breaching method.
I think more than anything gamers need to stop badgering each other over "getting an authenticator" and keep the pressure on Blizzard to shed more light on the matter, especially if they have plans to go through with the real-money auction house.
As stated in previous articles, no matter if you play single or multiplayer Diablo III, make sure you avoid public games for now. Play private matches or only invite people to your games that you know. Get an authenticator just to be sure. And make sure you change your password frequently.
This folks, is a small taste of an always-on future.