The reports coincided with the EU Diablo 3 servers going offline on Sunday afternoon for around four hours, preventing players from logging in (error 33). It has been suggested that the EU servers were taken offline following a SQL injection attack, but this remains unconfirmed.
Blizzard offers an Authenticator designed to provide extra security to your account. Donlan did not have the authenticator before the hack, but reports suggest accounts have been compromised even with this enabled.
One theory suggested by players on the Battle.net forum revolves around hijacking session identifiers, which would allow hackers to take over accounts without alerting Blizzard's authentication server. Again, this remains unconfirmed.
Whatever the cause, Blizzard will be keen to address the situation quickly, especially in light of the upcoming release of the real money auction house and the growing complaints from players. Blizzard said last week it was set for release at the end of the month.
Hackers Targeting Diablo III Players
There are reports (#1, #2, #3, #4, #5) coming in that hackers are gaining access to people's accounts, even with the always-on DRM to cut down on both hacking and piracy. Victims claim they are missing gold and loot and have sent in tickets.