PSA: Don't play public games. Bots are stealing session IDs and using them to access your account. (self.gaming)
submitted 17 hours ago* by madcow575
They hacked the gibson. Doesn't even matter if you have an authenticator. Don't play public games until Blizzard finds a way to fix this unless you want to log in naked and broke.
Blizzard is investigating
Oh, and also get an autenticator anyways. And if you plan on using RMAH, get a paypal authenticator too.
EDIT: It appears that many people who havn't played public games are getting hacked also. I think I'm going to post all my good gear on the AH for obscene prices so no one will buy it and they can't send it away for a few days.
EDIT2: Blizzard made a post http://us.battle.net/d3/en/forum/topic/5149619846?page=29#571
Apparently either they are incompetent at investigating this issue or people on the internet are lying about having authenticators.