There's at least 2 PDF exploits and 1 flash exploit out at the moment that allow remote execution. Every website you visit with an ad on it could potentially be a source of intrusion. Even with an ad blocker, some of them just hide the ads but they continue to execute in the background.
Point is, don't be so sure to point the finger. Evidence is required, and as such, blizzard have an obligation to release any information concerning security leaks if it could potentially compromise sensitive data. And this includes email addresses. You reckon sony would have wanted to release the info about possibly letting thousands of credit card details out?
Also, if there was a security flaw in diablo, I would have heard about it. People are trying, but nothing has been found (couple of interesting things in some of the packet headers, but nothing to indicate anything useful)
Also, if he's got any technical sense, he wouldn't post such moronic information such as "im too good to be hacked, must be blizzards fault". Any tech guy knows this.