Sign in with
Sign up | Sign in

Blizzard Responds to Lawsuit Over Authenticators

By - Source: GameInformer | B 45 comments

Just as we thought: the recently-filed Authenticator-themed lawsuit against Blizzard is bogus.

On Monday Blizzard responded to a recent class action lawsuit filed against the World of Warcraft developer and its parent company, Activision Blizzard, which accuses both of forcing customers into purchasing added security. The suit alleges that Blizzard is being deceptive by not providing enough security on its end, thus forcing consumers into purchasing a physical "authenticator" device.

Naturally Blizzard said in its public statement that the entire lawsuit is without merit and based on "patently" false information. As we pointed out when the lawsuit was first revealed, Blizzard offers free apps for smartphones that can be used to authenticate the user's credentials when prompted – the physical $6.40 version is merely an optional accessory for those who can't/won't use the apps.

"We want to reiterate that we take the security of our players’ data very seriously, and we’re fully committed to defending our network infrastructure. We also recognize that the cyber-threat landscape is always evolving, and we’re constantly working to track the latest developments and make improvements to our defenses."

According to the lawsuit, Blizzard and parent company Activision "negligently, deliberately, and/or recklessly fail to ensure that adequate, reasonable procedures safeguard the private information stored on this website. As a result of these acts, the private information of plaintiffs and class members has been compromised and/or stolen since at least 2007."

The lawsuit specifically points out two recent security instances which took place in May and then in August, both in 2012, which led to the theft of private information, and that Blizzard didn't properly alert customers about the latter incident. Blizzard naturally disputes this accusation.

"Not only did Blizzard act quickly to provide information to the public about the situation, we explained the actions we were taking and let players know how the incident affected them, including the fact that no names, credit card numbers, or other sensitive financial information was disclosed," the company said. "You can read our letter to players and a comprehensive FAQ related to the situation on our website."

The suit also points out that Blizzard has accumulated around $26 million USD since the introduction of its $6.40 physical Authenticator product. Customers are also forced into creating an online account so that they can play Blizzard's products, thus requiring an added Authenticator because Blizzard is offering minimal protection on its end.

"This claim is also completely untrue and apparently based on a misunderstanding of the Authenticator’s purpose," Blizzard said. "The Battle.net Authenticator is an optional tool that players can use to further protect their Battle.net accounts in the event that their login credentials are compromised outside of Blizzard’s network infrastructure. Available as a physical device or as a free app for iOS or Android devices, it offers players an added level of security against account-theft attempts that stem from sources such as phishing attacks, viruses packaged with seemingly harmless file downloads, and websites embedded with malicious code."

For the record, Blizzard isn't the only company offering "authenticators" as an optional method of security. Google's two-step process requires users to add an additional code to their login that is texted to their smartphone. ArenaNet has an option allowing Guild Wars 2 users to confirm their login by way of an email each time they want to play.

To read Blizzard's entire response, GameInformer has a copy right here.

 

Contact Us for News Tips, Corrections and Feedback

Discuss
Ask a Category Expert

Create a new thread in the News comments forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
Top Comments
  • 15 Hide
    Jigo , November 15, 2012 8:00 AM
    ..but i got an email from wow-account-service@email.cn which said my account was hacked !?

    /lulz off
  • 15 Hide
    steve360 , November 15, 2012 7:50 AM
    It's always the company's fault when the victim so happens to click on dodgy links and submits their account credentials directly to the hackers.
  • 12 Hide
    waxdart , November 15, 2012 10:16 AM
    Didn't have any of this bother with single player games. Can we have some good anti-social games back please? I work with others all day long and other from far away call me on the phone. I don't like them anymore.
Other Comments
    Display all 45 comments.
  • 15 Hide
    steve360 , November 15, 2012 7:50 AM
    It's always the company's fault when the victim so happens to click on dodgy links and submits their account credentials directly to the hackers.
  • 15 Hide
    Jigo , November 15, 2012 8:00 AM
    ..but i got an email from wow-account-service@email.cn which said my account was hacked !?

    /lulz off
  • 5 Hide
    Thomas Creel , November 15, 2012 8:21 AM
    This is just silly, a lawsuit?

    What is wrong with people.
  • -2 Hide
    abbadon_34 , November 15, 2012 9:10 AM
    what did you expect them to say? they settle it out of court admitting now wrong and the trail lawyers will get rich as always
  • 4 Hide
    rantoc , November 15, 2012 9:39 AM
    This is hilarious, cars come with basic security and can optionally be upgraded with beefier alarm/electronic keys ect ect... how is this different? Basic security is there in the form of a login + password, if that ain't enough because some people are brain-dead and give the information away free in a false login screen that promises everything from free toothpaste to free lobotomy or use the password 123. Do the same brain-dead people give away their car keys to a criminal who say he needs to service the car and then blame the car maker for their own short comings!?

    That is what appears to be the case here, blame the developer for their own stupidity!
  • -8 Hide
    thecolorblue , November 15, 2012 10:02 AM
    Bilzzard cannot claim they have a free app as an excuse because not everyone has smartphones.

    How hard is it to use logic
  • 3 Hide
    bustapr , November 15, 2012 10:09 AM
    thecolorblueBilzzard cannot claim they have a free app as an excuse because not everyone has smartphones.How hard is it to use logic


    Quote:
    Blizzard offers free apps for smartphones that can be used to authenticate the user's credentials when prompted – the physical $6.40 version is merely an optional accessory for those who can't/won't use the apps.

  • 12 Hide
    waxdart , November 15, 2012 10:16 AM
    Didn't have any of this bother with single player games. Can we have some good anti-social games back please? I work with others all day long and other from far away call me on the phone. I don't like them anymore.
  • 3 Hide
    tomfreak , November 15, 2012 10:20 AM
    steve360It's always the company's fault when the victim so happens to click on dodgy links and submits their account credentials directly to the hackers.
    I guess u must have forgot the news about D3 hacks when it launch.
  • -3 Hide
    ironmb , November 15, 2012 10:27 AM
    No amount of security can fix dumb people clicking on fake emails.

    Oh Aunt Jennie is sick and this random company needs my credit card?! OK I'LL HELP! People who get hacked deserve to get hacked if they're dumb enough to fall for those types of scams.
  • -1 Hide
    nicodemus_mm , November 15, 2012 11:26 AM
    thecolorblueBilzzard cannot claim they have a free app as an excuse because not everyone has smartphones.How hard is it to use logic


    Judging by the "logic" of your first statement, it must be pretty damn difficult to use. Thanks for the demonstration.
  • 3 Hide
    Anonymous , November 15, 2012 11:29 AM
    Bull, I ignore all spam mail and yet my battle.net account was hacked when I hadn't used it for months.
  • -2 Hide
    kartu , November 15, 2012 11:35 AM
    Wel they have started to offer free authenticator app, that's right. (it wasn't there from the beginning though) But:

    Quote:
    "You can read our letter to players and a comprehensive FAQ related to the situation on our website."


    Right. That's what I do all day long. Go to Blizzard site to read comprehensive FAQs.
    Even though they know my email, they didn't bother warning about breached security, nope.
    Email is only for newsletters, you know.

    So they had a problem.
    They didn't bother admitting it in personal emails, even though it was VERY important.
  • 1 Hide
    manicmike , November 15, 2012 11:51 AM
    Tom's Hardware - Free Common Sense Internet Security 2011

    Courtesy of SR-71 Blackbird, forum Moderator here at Tom's... One of the ONLY tech related pieces I have EVER read that is still as relevant today as it was when posted (6-24-2011).

    I can't tell you how many people I've forwarded this to/read it to. I've been using Common Sense Internet Security for YEARS now, it's great. 100% free, hell you don't even need a computer to use it! It covers phone and mail scams too!

    The link (if you don't trust me):
    http://www.tomshardware.com/forum/242300-49-free-common-sense-internet-security-2011
  • 1 Hide
    kellybean , November 15, 2012 11:53 AM
    Thomas CreelThis is just silly, a lawsuit?What is wrong with people.

    Too many ambulance chasing lawyers, even Jesus had a warning for lawyers in the Bible. Tells me they were scumbags back then too.
  • -5 Hide
    thecolorblue , November 15, 2012 12:03 PM
    nicodemus_mmJudging by the "logic" of your first statement, it must be pretty damn difficult to use. Thanks for the demonstration.

    explain yourself.

    as for my comment... Blizzard claiming that there is a free alternative cannot count as a legitimate explanation BECAUSE the alternative has a prerequisite... namely ownership of a qualified device. Not everyone owns such devices, therefore the attempt to slime by with that explanation as an excuse falls flat on its face.

    They'd be better off not proffering that excuse at all.
  • -4 Hide
    LORD_ORION , November 15, 2012 12:29 PM
    Wait, if the paid version is $6.40

    The "free" version is $699 (iPhone 5) + Free App Download?

    Regardless the suit is a good thing... Activision is an unreasonable company and the only thing that makes them take action is answering to share holders.
  • 2 Hide
    Fokissed , November 15, 2012 12:34 PM
    thecolorblueexplain yourself.as for my comment... Blizzard claiming that there is a free alternative cannot count as a legitimate explanation BECAUSE the alternative has a prerequisite... namely ownership of a qualified device. Not everyone owns such devices, therefore the attempt to slime by with that explanation as an excuse falls flat on its face.They'd be better off not proffering that excuse at all.

    Most people own a SMS capable device.
  • 1 Hide
    Fokissed , November 15, 2012 12:34 PM
    LORD_ORIONWait, if the paid version is $6.40The "free" version is $699 (iPhone 5) + Free App Download?Regardless the suit is a good thing... Activision is an unreasonable company and the only thing that makes them take action is answering to share holders.

    Any device that supports SMS will work. There are more to cell phones than the iPhone 5, however some may not know that.
  • -1 Hide
    yeesh , November 15, 2012 12:52 PM
    Quote:
    For the record, Blizzard isn't the only company offering "authenticators" as an optional method of security. Google's two-step process requires users to add an additional code to their login that is texted to their smartphone. ArenaNet has an option allowing Guild Wars 2 users to confirm their login by way of an email each time they want to play.

    Uh, the lawsuit isn't about the concept of 2-step authentication, it's about the money charged for the physical device. Those two examples are not relevant since (I presume) neither Google nor ArenaNet charge users for access to the extra account security those login methods provide.
Display more comments