Blizzard spokesperson Micah "Bashiok" Whipple has been keeping the Diablo III community abreast of the account hacking situation. His latest update on the game's official forums clarifies Blizzard's investigation into the matter.
Whipple says that the compromised accounts that the company investigated were apparently accessed through "traditional means". In other words, they were either phished or acquired through keyloggers, and weren't actually "hacked," unless you count social engineering as a form of hacking.
"We've been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring," wrote Whipple. "Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password. While the authenticator isn't a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand."
Whipple also responded the suggestion that the attack on user accounts was carefully orchestrated, as many of the accounts were compromised all at once.
"It seems to me like it's the most logical way to go about it," he said. "Build up a list of accounts and passwords, and then hit them in a rapid succession before word can spread and people can change their passwords, add an authenticator, etc."
It makes sense. The attack would also serve to make Blizzard look bad in the eyes of the public and those of the company's investors, especially since the attackers (e.g. Anonymous) may have a vendetta against Blizzard's parent company, Activision.
