Blizzard Facing Class-Action Lawsuit Over Poor Security

Blizzard is facing a class-action lawsuit over their sale of Battle.net’s Authenticators.

“To have even minimal protection for their sensitive personal, private, and financial data,” according to the plaintiffs in the case.”

To play a Blizzard game on multiple computers, Battle.net Authenticators are required as in theory they are said to protect personal, financial and private user data. However, the accusations against Blizzard are that the Authenticators aren’t protecting user data as they promised they would. Blizzard has had various security breaches recently that affected sensitive data belonging to Battle.net account owners.

The lawsuit is seeking to claim damages from Blizzard as well stopping the developer from forcing users to create Battle.net accounts for non-MMO games. The plaintiffs believe that Battle.net Authenticators are there at a hidden cost. The desired outcome of the lawsuit is to prevent Blizzard from “From tacking on additional, undisclosed costs to ensure security in the form of a post-point-of-sale Authenticator.”

Blizzard has since issued a statement that explains it’s plans to fight the lawsuit. “This suit is without merit and [is] filled with patently false information”.

The full statement reads below.

This suit is without merit and filled with patently false information, and we will vigorously defend ourselves through the appropriate legal channels.

We want to reiterate that we take the security of our players’ data very seriously, and we’re fully committed to defending our network infrastructure. We also recognize that the cyber-threat landscape is always evolving, and we’re constantly working to track the latest developments and make improvements to our defenses.

The suit’s claim that we didn’t properly notify players regarding the August 2012 security breach is not true. Not only did Blizzard act quickly to provide information to the public about the situation, we explained the actions we were taking and let players know how the incident affected them, including the fact that no names, credit card numbers, or other sensitive financial information was disclosed. You can read our letter to players and a comprehensive FAQ related to the situation on our website.

The suit also claims that the Battle.net Authenticator is required in order to maintain a minimal level of security on the player’s Battle.net account information that’s stored on Blizzard’s network systems. This claim is also completely untrue and apparently based on a misunderstanding of the Authenticator’s purpose. The Battle.net Authenticator is an optional tool that players can use to further protect their Battle.net accounts in the event that their login credentials are compromised outside of Blizzard’s network infrastructure. Available as a physical device or as a free app for iOS or Android devices, it offers players an added level of security against account-theft attempts that stem from sources such as phishing attacks, viruses packaged with seemingly harmless file downloads, and websites embedded with malicious code.

When a player attaches an Authenticator to his or her account, it means that logging in to Battle.net will require the use of a random code generated by the Authenticator in addition to the player’s login credentials. This helps our systems identify when it’s actually the player who is logging in and not someone who might have stolen the player’s credentials by means of one of the external theft measures mentioned above, or as a result of the player using the same account name and password on another website or service that was compromised. Considering that players are ultimately responsible for securing their own computers, and that the extra step required by the Authenticator is an added inconvenience during the log in process, we ultimately leave it up to the players to decide whether they want to add an Authenticator to their account. However, we always strongly encourage it, and we try to make it as easy as possible to do.

Many players have voiced strong approval for our security-related efforts. Blizzard deeply appreciates the outpouring of support it has received from its players related to the frivolous claims in this particular suit.

Source: Game Informer.

George Sinclair is an editor for Analog Addiction, the home of the latest news, reviews and previews. You can find George on Twitter and his blog on IGN. Be sure to follow the OFFICIAL Analog Addiction Twitter as well! 

Leave a Reply as a Guest, or Log In

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s