Sign in with
Sign up | Sign in

Blizzard Facing Lawsuit Over Forceful Authenticator Purchases

By - Source: Courthouse News | B 107 comments

A class action lawsuit claims that Blizzard is making millions from customers because it's not properly securing sensitive personal information.

Courthouse News reports that Blizzard Entertainment and parent company Acitivsion Blizzard are facing a class action lawsuit that claims the Diablo 3 developer makes millions by "deceptively and unfairly" charging customers for an after-sale security product.

Lead plaintiff Benjamin Bell, one of two listed in the filing, is seeking class damages for consumer fraud, unjust enrichment, negligence, breach of contract and bailment. The class action lawsuit is represented by Hank Bates with Carney Williams Bates Pulliam & Bowman, of Little Rock, Arkansas.

The lawsuit claims that Blizzard has been the subject of repeated security breaches including the Battle.net hack in August and those experienced in May. Instead of securing personal information on its servers, Blizzard is reportedly forcing customers to purchase an authenticator "in order to have even minimal protection for their sensitive personal, private, and financial data."

The lawsuit specifically names the Diablo and StarCraft franchises as two products that are affected by Blizzard's lack of proper security.

"Defendants negligently, deliberately, and/or recklessly fail to ensure that adequate, reasonable procedures safeguard the private information stored on this website. As a result of these acts, the private information of plaintiffs and class members has been compromised and/or stolen since at least 2007," the complaint states.

"Most recently, on or about May 19, 2012, reports proliferated that class members’ Battle.net accounts had suffered a security breach (‘hack’) at the hands of unknown parties (‘hackers’), and on or about August 4, 2012, hackers massively breached Battle.net’s security and acquired the private information of all of defendants’ customers in the United States, as well as the remainder of North America, Latin America, Australia, New Zealand, and Southeast Asia," the complaint adds.

The lawsuit states that Activision Blizzard has earned $26 million USD from selling the $6.40 physical Authenticator product. It also alleges that Blizzard forces users to create an online account, and is leaving it up to those customers to tighten security on their devices rather than tighten security on Blizzard's end. Even more, the suit accuses Blizzard of failing to take the legally required steps to alert customers about the May 19 hacking incident.

Bell is asking the court to not only reward class damages, but seeks an injunction to bar the defendants from adding undisclosed costs after the initial software purchase. Bell is also asking the court to ban the requirement for establishing Battle.net accounts.

Note: Blizzard customers can download a free Authenticator app for Android and iOS devices. The lawsuit is addressing the various physical keychain versions that are available on Blizzard's store here.

 

Contact Us for News Tips, Corrections and Feedback

Display 107 Comments.
This thread is closed for comments
Top Comments
  • 20 Hide
    therabiddeer , November 11, 2012 6:43 AM
    1) It is free to use if you have a smart phone
    2) Blizzard loses money on each sale because they sell it AT COST and ship for free
    3) Blizzard uses Vasco Digipass units, which at retail cost €12.99 (Blizzard most likely gets a big discount for their bulk purchases)
    http://shop.vasco.com/
  • 18 Hide
    crisan_tiberiu , November 11, 2012 6:19 AM
    They could have bundeled the authenticator with the game... not that hard ?!
  • 18 Hide
    ben850 , November 11, 2012 6:24 AM
    If you have a smart phone it's free.. this hardly sounds like AV/Blizz is trying to trick anyone.
Other Comments
  • 18 Hide
    crisan_tiberiu , November 11, 2012 6:19 AM
    They could have bundeled the authenticator with the game... not that hard ?!
  • 18 Hide
    ben850 , November 11, 2012 6:24 AM
    If you have a smart phone it's free.. this hardly sounds like AV/Blizz is trying to trick anyone.
  • 5 Hide
    bllue , November 11, 2012 6:25 AM
    It truly is pathetic. A customer should not be expected to pay extra to attempt to fix a company's utter FAILURE of safeguarding serious information. Buying or using an authenticator doesn't even protect you from being hacked (as was the case in the early Diablo 3). It is nothing but greed coming from Activi$ionBli$$ard
  • 20 Hide
    therabiddeer , November 11, 2012 6:43 AM
    1) It is free to use if you have a smart phone
    2) Blizzard loses money on each sale because they sell it AT COST and ship for free
    3) Blizzard uses Vasco Digipass units, which at retail cost €12.99 (Blizzard most likely gets a big discount for their bulk purchases)
    http://shop.vasco.com/
  • 15 Hide
    Anonymous , November 11, 2012 6:49 AM
    Blizzard doesn't make money selling authenticators your paying the shipping and handling fee, and if your so broke to not be able to get one to up your own security, while your paying 60+ dollars for games on a single account non the less a 15 a month for the game, the decision is yours, they offer other alternatives free of charge, Mobile authentication, and even Dial in authentication that costs you no money at all.
    So bllue think before you accuse blindly.
  • -7 Hide
    therabiddeer , November 11, 2012 6:49 AM
    Oh good, the anti-blizzard train has already rolled out to downvote people.
  • 2 Hide
    Christopher1 , November 11, 2012 6:52 AM
    bllueIt truly is pathetic. A customer should not be expected to pay extra to attempt to fix a company's utter FAILURE of safeguarding serious information. Buying or using an authenticator doesn't even protect you from being hacked (as was the case in the early Diablo 3). It is nothing but greed coming from Activi$ionBli$$ard


    Right in one. A customer should NOT be required to spend more money to beef up security that should have already been there in the damned first place.
    I foresee Blizzard settling this case REAL quickly.
  • 10 Hide
    boyabunda , November 11, 2012 6:53 AM
    therabiddeer1) It is free to use if you have a smart phone2) Blizzard loses money on each sale because they sell it AT COST and ship for free3) Blizzard uses Vasco Digipass units, which at retail cost €12.99 (Blizzard most likely gets a big discount for their bulk purchases)http://shop.vasco.com/


    You really believe Activision Blizzard loses money on each sale of authenticators? LOL
  • 6 Hide
    Anonymous , November 11, 2012 6:55 AM
    In actuality it does indeed protect you from nearly any possible outside attempt to log in to your account. they have to actually guess the number right within a small number of tries before the account needs to then be unlocked by customer service. the chance of guessing correctly before the account is locked is so small that they waste more money on the power required to run the computer than they could ever hope to gain by breaching an account eventually.

    And secondly... if they bundled them with the game... then everyone is paying for them... even people that don't need them. Since they can get a free one on any device they might have that supports it... so why pay for one you won't use.
  • 8 Hide
    casualcolors , November 11, 2012 6:55 AM
    I was wondering how long it would take for this practice to be examined.
  • -3 Hide
    Gundam288 , November 11, 2012 6:56 AM
    ben850If you have a smart phone it's free.. this hardly sounds like AV/Blizz is trying to trick anyone.

    And in the US they charge out the wazoo for data for smartphones. That is the reason I don't have one.

    The app maybe free, but the data isn't free from your carrier.

    therabiddeer1) It is free to use if you have a smart phone2) Blizzard loses money on each sale because they sell it AT COST and ship for free3) Blizzard uses Vasco Digipass units, which at retail cost €12.99 (Blizzard most likely gets a big discount for their bulk purchases)http://shop.vasco.com/


    I can confirm that Blizzard does use the Digipass GO 6 for their authenticators and so does EA/Bioware for SW:ToR. I have one of each since I used to play both games and they are currently just chilling on my desk collecting dust.

    Both say on the back "Digipass ® GO 6" "Made in China" with a different serial number and their own different bar codes as well.
  • 3 Hide
    therabiddeer , November 11, 2012 6:57 AM
    boyabundaYou really believe Activision Blizzard loses money on each sale of authenticators? LOL

    Considering it costs them money to deal with the huge number of accounts that are stolen on a daily basis, yes. They probably end up breaking even or come out ahead in the end due to being able to use fewer GM's to handle account restoration.
  • 10 Hide
    Anonymous , November 11, 2012 7:09 AM
    Blizzard's games have certainly gone downhill since 2009 but their customer service has pretty much remained solid. Almost every single instance of someone being "hacked" is a result of some idiot doing the wrong thing. Back in 2004-7, it was people clicking on keyloggers (a website with a virus that is downloaded to the user's computer to relay account info), and now since the authenticator was released in 2008 to prevent keylogging, it's people clicking on fake password reset emails and such and willingly giving away their information. Blizzard supplied the authenticator because it thought that it would reduce the headaches caused by people whining about how they got "hacked," not to intentionally cripple their own account security in order to make a couple bucks on the side, especially since WoW by itself is a multi billion dollar franchise and selling off customer loyalty for a measly 26 million, which would be over 4 years if this figure is from the introduction of authenticators onward, isn't very lucrative when factoring in the loss of customers.
  • 5 Hide
    wildkitten , November 11, 2012 7:10 AM
    ben850If you have a smart phone it's free.. this hardly sounds like AV/Blizz is trying to trick anyone.

    Except the hack in May, many accounts that had smartphone authenticators experienced hacks which at first Blizzard denied than later admitted was true. A software based authenticator is hackable, a dongle one can only be hacked through a Man in the Middle attack which has to do with a keylogger intercepting the input of the code and someone immediately trying to use it once they receive the logged in hopes that the code is still valid. Blizzard was very slow in responding to this and even mislead people to the size of the breach.

    therabiddeer1) It is free to use if you have a smart phone2) Blizzard loses money on each sale because they sell it AT COST and ship for free3) Blizzard uses Vasco Digipass units, which at retail cost €12.99 (Blizzard most likely gets a big discount for their bulk purchases)http://shop.vasco.com/

    If Blizzard loses money on the physical dongle, how can they report a PROFIT of $26million? You do realize reporting a profit means they MADE money, not lost money.
  • 10 Hide
    therabiddeer , November 11, 2012 7:47 AM
    wildkittenIf Blizzard loses money on the physical dongle, how can they report a PROFIT of $26million? You do realize reporting a profit means they MADE money, not lost money.

    Easy, THEY HAVENT. The $26 million figure comes from the fact that 40% of users have one. Given the fact that there are roughly 10 million WoW players that is how you arrive at the $26 million figure. 4 million x 6.50 = 26 mil
    http://www.geekosystem.com/blizzard-26-million-security-authenticators/
    Unless they figured out a way to buy the devices for free from vasco (which as I stated, charges €12.99 for one) and ship them for free... they did not make $26 mil. Hell, even with a staggering $2 profit on each sale, they would have to sell 13 million of them (or every WoW player and a VAST majority of D3 players). Which is not likely given the fact that we are told only 40% of WoW players have them!
  • 4 Hide
    abraham_mammogram , November 11, 2012 7:55 AM
    therabiddeer 2) Blizzard loses money on each sale because they sell it AT COST and ship for free 3) Blizzard uses Vasco Digipass units, which at retail cost €12.99 (Blizzard most likely gets a big discount for their bulk purchases)http://shop.vasco.com/


    To play devil's advocate, can you really say that blizzard is paying at cost, when the only information you have to go off is the shelf price of the unit in question? Just because bacon is 3$ a pound a the store, does not mean that McDonalds pays that much to place it on it's burger, and then sell it to you.
  • 9 Hide
    therabiddeer , November 11, 2012 8:01 AM
    abraham_mammogramTo play devil's advocate, can you really say that blizzard is paying at cost, when the only information you have to go off is the shelf price of the unit in question? Just because bacon is 3$ a pound a the store, does not mean that McDonalds pays that much to place it on it's burger, and then sell it to you.

    I already addressed that with this statement: "Blizzard most likely gets a big discount for their bulk purchases" inside of that very quote :p 
  • 7 Hide
    manofchalk , November 11, 2012 8:16 AM
    Gundam288And in the US they charge out the wazoo for data for smartphones. That is the reason I don't have one.The app maybe free, but the data isn't free from your carrier.


    Then we should sue every free-to-play game in existence because our internet connection isn't actually free, and therefore they are adding additional costs without our knowledge or consent.
    You realize that's a ridiculous argument right?
    It might be vaguely justifiable if Blizzard was an IP, but they aren't. You should be well aware that you downloading something will incur download costs, regardless if the data being downloaded cost anything initially.
    And whats to stop you connecting to a WiFi (Which is free at any McDonald's) and downloading the app through that?
  • -3 Hide
    Draconian , November 11, 2012 8:51 AM
    I support this. Companies are not going to take the safeguarding of their customers information seriously until they get hit by lawsuits and it hurts them financially and creates bad publicity. Unfortunately, many judges are conservative, pro-business types, and would dismiss such a lawsuit (as what happened with the Sony hack lawsuit).
  • 8 Hide
    JamesBondage , November 11, 2012 9:13 AM
    Greed is driving this lawsuit.
Display more comments