In regards to all the compromised accounts, this
post sums it up nicely on the situation.
Anyone who works in end user support before will know it all too well when it comes to malware and the ongoing trend of targeting online game account information that has transferable values (steam doesn't cause you can't transfer or sell your games to others).
This isn't just a Blizzard problem however, it's looks exacerbated in comparison to other games because of the volume of users. There's 10 million + users on WoW alone not to mention another 6.5 million Diablo3 players, what's is the chance of having someone in those 16.5 million + user who had their account and pc compromised?
Why is Blizzard pushing users to get an authenticator?
Because it's a waste of manpower and bad for the PR when people have their account compromised. There's many ways to get into someone's computer, I had malware infection before just plugging in a usb drive. I got myself an authenticator because I know there's no 100% chance of me ever being fully secured with my laptop barring total isolation and Diablo 3 is the kind of popular games these malware will target.
And FYI, Blizzard password is not case sensitive which is really stupid. They should have adopted better password security cause people can just brute force the account.