Activision Blizzard Getting Sued Over Diablo 3's Authenticator Requirement
Author: William Usher
published: 2012-11-09 13:19:40
Remember how a lot of people got pissed when they found out they had to purchase an authenticator in order to not get their account breached when playing Diablo III? Well, someone get pissed enough to make a class action lawsuit out of it. Activision Blizzard is actually getting sued because they didn't ship an authenticator or provide an extra layer of security for the games to protect consumers from account breaches.
Courthouse News [via Blues] recounts plaintiff Benjamin Bell's class action accusations against Activision Blizzard and an attempt to get some form of resolution in Federal Court.
According to Bell, games like StarCraft and Diablo are not safe to play unless consumers purchase an authenticator, and that Blizzard did not warn users beforehand that an authenticator would be required to maintain security of one's account. Bell claims that the ploy of selling authenticators at $6.40 has netted Blizzard approximately $26 million in sales.
Interestingly, Bell stated that...
"Most recently, on or about May 19, 2012, reports proliferated that class members' Battle.net accounts had suffered a security breach ('hack') at the hands of unknown parties ('hackers'), and on or about August 4, 2012, hackers massively breached Battle.net's security and acquired the private information of all of defendants' customers in the United States, as well as the remainder of North America, Latin America, Australia, New Zealand, and Southeast Asia."
Bell seeks class damages and an injunction to bar Activision Blizzard from "tacking on" extra costs for the security measures to protect accounts from being breached.
Bell is actually correct, though. The breach on Battle.net occurred on August 4th but wasn't reported until August 9th, but the real dozy is that account breaches had been occurring to Battle.net accounts in massive waves since the original launch of Diablo III on May 15th.
The rough part about it is that everyone is required to have a Battle.net account to play Blizzard's games, and for Diablo III everyone has to be online to play the game, making all Battle.net users potential account-breach victims, that's not to mention that it sets a bad precedent when a company can force you into specific end-user conditions that leaves your personal and/or private information completely vulnerable to hackers or exploiters without a forewarning.
What's worse is that people didn't start speaking up about account breaches until Eurogamer's Christian Donlan, back on May 21st, was on the receiving end of an account breach himself, because he didn't have an authenticator. Following Dolan's case there was the Examiner writer Tara Swadley who had her account breached, as well as Ars Technica's Kyle Orland who was also on the receiving end of a hack attack, all because they weren't using authenticators.
Blizzard claimed that accounts that had been breached were extremely small compared to the six million people who purchased the game. However, there were about 130 account breach claims piling into the forums every eight hours, until patch 1.0.2b released in early June, in which case all the account breaching claims instantly stopped.
It's easy to dismiss Bell's case but he does have a point. The common response from Blizzard in each of those cases was always for the victim to buy an authenticator or attach one to their mobile device. Many gamers with a level head asked a very blatant question: Why is it that Blizzard doesn't have two-tier account authentication installed into Battle.net as an absolute standard?
Even still, including a physical authenticator in the boxed packages of games like Diablo III and StarCraft II should be a standard if they're going to enforce an always-on DRM atmosphere. You can't force your customers into a situation where they're susceptible for account breaching but not protect them right out of the gate. Many casual players fell victim to nefarious individuals breaching accounts in Diablo III because they honestly didn't know that an authenticator was required to protect their account.
If Bell and crew at Carney Williams Bates Pulliam & Bowman do their research and gets a few people behind the cause who had their accounts breached, this would be an easy-win for consumers against Activision Blizzard.
Back to top