Dtoid Forums now support TapATalk and ForumRunner on your iOS/Android devices. Whoot.

TWITTER // FACEBOOK // RSS // CONTACT US

create a free account | login

Contest:
Win an Xbox 360 and Call of Duty: Black Ops II!

Reviews view all

Tom Clancy's Ghost Recon: Future Soldier
87 comments | forums

Dragon's Dogma
117 comments | forums

Akai Katana
29 comments | forums

Max Payne 3
90 comments | forums

Sonic the Hedgehog 4: Episode 2
129 comments | forums

Battleship
46 comments | forums

Minecraft: Xbox 360 Edition
108 comments | forums

Awesomenauts
43 comments | forums

Naruto Shippuden Ultimate Ninja Storm Generations
33 comments | forums

Deep Black: Reloaded
51 comments | forums

Toy Soldiers: Cold War - Evil Empire & Napalm DLC
5 comments | forums

Fable Heroes
30 comments | forums

Skullgirls
58 comments | forums

The Walking Dead: A New Day
38 comments | forums

The Pinball Arcade
21 comments | forums

Kingdoms of Amalur: Reckoning - Teeth of Naros
16 comments | forums

Mortal Kombat Komplete Edition
81 comments | forums

Bloodforge
36 comments | forums

Prototype 2
95 comments | forums

Risen 2: Dark Waters
83 comments | forums

Trials Evolution
32 comments | forums

FIFA Street
27 comments | forums

World Gone Sour
37 comments | forums

FEZ
189 comments | forums

The Splatters
27 comments | forums

all reviews

The Destructoid Show with Max & Tara

The DTOID Show: 38 Layoffs, Zone Of The Enders, & Horses
back episodes | rss

Podtoid with Jim Sterling
203: The Peehole Must Not Be Tampered Or Touched
back episodes | rss

Watch King Foom at 4pm PST LIVE

This weekend on Dtoid TV: Toast Recon: Lucha Soldier

check our live schedule

We are Destructoid
Meet the team

Dale North
Editor-in-Chief
Jim Sterling
Reviews Editor
Conrad Zimmerman
News Editor
Chad Concelmo
Features Editor
Jordan Devore
PC Editor
Hamza Aziz
Dir. of Communications
Andrew Kauz
Community Blogs Mgr
Jesse Cortez
SF/Fight Manager
Yanier Gonzalez
Publisher

Associate Editors

Jonathan Holmes
Maurice Tan
Jonathan Ross
Joseph Leray
Jon Carnage
Tara Long
Max Scoville
Tony Ponce
Josh Tolentino
Samit Sarkar

Got news? Email us
Support/Feedback
Advertising
Who runs Dtoid?

Microsoft denies security problems with Xbox Live

8:40 AM on 01.16.2012 | Jim Sterling

122 comments

Microsoft denies security problems with Xbox Live photo

#Hacking #halt criminal scum! #Industry Bull #Microsoft #Xbox 360 #Xbox Live

Despite a growing number of public reports, Microsoft has continued to deny any security problems with Xbox Live, claiming that any problems faced by Xbox 360 users aren't unique to the system. Basically, it's the "Look over there" defense.

"Microsoft can confirm that there has been no breach to the security of our Xbox Live service. The online safety of Xbox Live members remains of the utmost importance, which is why we consistently take measures to protect Xbox Live against ever-changing threats.

"... Online fraud and identity theft are industry-wide problems, and as such people using any online services should set strong passwords, not share those passwords across multiple services and refrain from sharing any personal details that could leave them vulnerable."

I really am quite alarmed at how willing Microsoft is to blame the victims, as if these are all vanilla phishing scams perpetrated against idiots. While phishing is definitely an issue, the recent stories are not coming from confused newbies who dished out their passwords to anybody. I've seen more reports of security problems on Xbox Live this past month than I have in the entirety of the PlayStation Network's existence. That doesn't seem "industry-wide" to me.

If it turns out that Microsoft really does know something that it's keeping a lid on, this is going to be a shitstorm that shall far outclass the "PSN hack" of 2011. Popcorn at the ready.

Xbox.com has been hacked claim users - update: Microsoft response [Metro]

Thank Christ: Xbox Live to feature even more advertising!

159 comments

Xbox Live and PSN launch Dragon's Dogma demo

32 comments

Microsoft plans to 'further monetize' Xbox Live users

121 comments

Join Dtoid RIGHT NOW for an Xbox LIVE Community Playdate!

40 comments

More gaming stories around the web. Got news? Submit yours to tips@destructoid.com

C-Blog | Twitter | Facebook

Jim Sterling serves as reviews editor for Destructoid.com, head of the Podtoid podcast, and produces a number of news stories, original features, one-of-a-kind videos. With his passionate argumentative style, controversial opinions, harsh delivery, and dedication to brutal honesty Sterling is a name that you can't help but recognize. Likes PS2, iPod Touch, Silent Hill 2, Metal Gear Solid, Dynasty Warriors 3 Meet the rest of the team

Post a comment! You can also post a photo below:

Comment with Facebook

Click connect and comment instantly!

Comment with Dtoid

New? SIGN UP - it takes 5 seconds

120 comments | showing # 1 to 50

next 50 comments

Nick Jones

Microsoft is stubborn. They have the balls to claim that their network is all perfectly secure and that it just can't be breached, but when it comes to the brute hackers, they try and disavow responsibility by saying "Well that's not our fault, that's the hackers! They used their own software, so we aren't to blame!"

Get your shit together, you lazy twats.

Christopher Jaramillo

My account was hacked and someone stole $90 from me, thankfully I was using my American Express card for the Xbox Live, so my card company isn't going to take this kind of shit from Microsoft

Nitex

Sounds just like the RROD issue. How long did it take them to admit that?

DasPooch

99.99999% of people use the same email/password for everything, meaning that when one slack-ass system is compromised, ALL of your accounts are then compromised. It's still not the victim's fault that System X was hacked, but let's be honest - people shouldn't be doing this.

What about this don't you understand, Jim?

Matt Jones

My account was hacked, money spent, account suspended. I rang them every day for 13 days to make sure something was progressing, I was told the same every time "We are investigating". I was accused by customer service reps of selling my account, of being social engineered and best of all, giving someone my details so they could boost my gamerscore. On the 13th day the guy admitted to me "We've not even started the investigation, your claim was filed wrong."

I ended up emailing Major Nelson and guess what? Account was reinstated within the hour.

Mafflez

Looks like its time to take my card off of live now and buy the 20 cards which saves a lot more money actually

DrunkPunk

This is an industry wide issue. Absolutely. From key loggers to phishing attempts, gamers are targeted across all mediums, primarily PC. While I understand that the issue of the windows login could allow brute force attacks, the most common is keylogging. Most developers and publishers don't make this very well known, but a few do. The reason why this is a bigger issue is real money is at stake. But, that's just another good reason (there's more than a few) to not leave your credit card info tied to your account.

Zephreus

@DasPooch
Then again, ms uses a continuous liveID for a plethora of services, which includes xbl, email, shopping, semisocial media, messaging systems, etc...
How is that going to be attributed to consumer fault?

ScreamingFalcon

I agree with DasPooch. There is this little thing called personal resposibility that people tend to "forget" about when it comes to dealing with any entity bigger than themselves (read: basically anything) and therefore it "can't possibly be my fault so I'll blame Large Corporation XYZ and their 'faulty' systems for something I didn't do right."

Save your lame excuses, I hear them all the time where I work. Grow up and look in the mirror for once.

scouserboots

MS, as per usual blaming the customer. When I had multiple RROD with 5 replaced 360's I was always the one at fault. Yeah, funny how I don't know how to plug in a fucking machine in a power outlet source properly, even though I have been doing it for fucking years, and my fucking SuperNintendo still boots up games like no fucking problem and that shit is gathering dust as much as the Wii.

MS customer service is fantastic at fucking making the customer feel fucking stupid. Fuckity fuck fuck fuckers.

My friend at work just got hit... it was done through Windows Live he believes. A chinese email was added to his account at random and purchased 5000 MS points, his account is currently locked as they investigate. He was able to request a PW reset again and regain control. But his accounts essentially dead for 2 weeks.

There is a problem, but he believes it's with Windows Live / Xbox.com

MoonRaven

It's funny how they blame me when I use a special email address which I use nowhere else and a strong password.

amg0D

No issues here, and until proof is given other than word of mouth, those that did get hacked are idiots.

Soulcage

Technically retrying a password on a website thousands of times isn't a "breach in their security". Retrying a password is a legit function. Their databases weren't hacked. It is however, a huge "LACK of security" to allow someone to try passwords thousands of times without locking the account, just by re-opening the browser.

Sounds like a politician with the wording.

I should also mention my friend is a windows engineer at my job and also uses an ASCII pw apparently. It wasn't user negligence.

SephirothX

Handy

...ladies and gentlemen of this supposed jury, I have one final thing I want you to consider. Ladies and gentlemen, this is Chewbacca. Chewbacca is a Wookiee from the planet Kashyyyk. But Chewbacca lives on the planet Endor. Now think about it; that does not make sense! Why would a Wookiee, an eight-foot tall Wookiee, want to live on Endor, with a bunch of two-foot tall Ewoks? That does not make sense! But more important, you have to ask yourself: What does this have to do with this case? Nothing. Ladies and gentlemen, it has nothing to do with this case! It does not make sense! Look at me. I'm a lawyer defending a major record company, and I'm talkin' about Chewbacca! Does that make sense? Ladies and gentlemen, I am not making any sense! None of this makes sense! And so you have to remember, when you're in that jury room deliberatin' and conjugatin' the Emancipation Proclamation, does it make sense? No! Ladies and gentlemen of this supposed jury, it does not make sense! If Chewbacca lives on Endor, you must acquit! The defense rests.

Janklogs

I changed my passwords recently just to be on the safe side. I haven't been hacked yet, but one can never be too careful.

UltorOscariot

MS should be embarrassed. At least implement a Steam Guard-esque system where they have to have access to your email too in order to access your account.

DasPooch

@Zephreus - And is there any evidence that said system has holes being exploited? No? Ok. In the absence of proof (which would be all over the news if verified) that an extremely complex hack has raken place, the simpler and more likely scenario is most likely true.

@N7 - why should anyone care what you coworker "believes"? It's easy for people to makeclaims on the intarwebs.

WesWarlord

I like how if PS is hacked then it is a huge issue and Sony was irresponsible for being hacked. If its possible it happened to Microsoft then we clearly didn't use a good password.

This happened to me. My passwords for EVERYTHING are different. Even if people found out my password, how did they know my Windows Live ID? I actually use a gmail account that has nothing to do with my username and they were able to recover my account to their Xbox.

It was rumored that Xbox live was hacked just months ago and MS denied this. Now randomly there are people coming out in droves with their stories. I think this stinks to high hell and MS is playing this poorly.

TXYeti

Just because there are more publicized cases in a time period doesn't mean there are more cases altogether in that time period.

There was one, big, unfortunate public case and that person made it their duty to "tell other people's stories." Now more cases are public and providing trolls like Jimmy here an opportunity to speculate in blog form.

Nothing to see here people... at least nothing we haven't seen before.

DasPooch

@N7 - Does he use the same pw on more than one account? I don't know why i'm asking, it's easier for people to just lie and act like they did everything right, if it generates more hype.

Also, being a software dev doesnt make you immune from malware and mistakes.

Solid Squirrel

Ditch the CC info and buy credits from stores instead. Sure, inconvenient for impulse buys if you don't have any saved to your account, but at least then nobody can buy anything using your info.

sqlrob

Class action suit time, since that's what it took for them to acknowledge RROD.

oh, wait...

covah

What?! No, how do you deny that there are problems? There are problems! How many people's accounts have been hijacked? Saying "nope, there isn't a problem" doesn't make it not exist!

Jim Sterling

"it's easier for people to just lie and act like they did everything right,"

Not that Microsoft is capable of doing that either, right?

TXYeti

"Not that Microsoft is capable of doing that either, right?"

No one said they weren't. Point is its all useless speculation at this point.

DasPooch

@Jim - Pretty sure that's against the law in a case like this, and would cause a nuclear meltdown in the media and court system if it came out. So no, it's not the same thing as some random shmuck who wants people to believe he did everything right and still got "hacked".

I should say I'm surprised you're playing the anti-corporate 99% card, here, but I'm honestly not.

Jim Sterling

DasPooch: I'm not playing any card, mate. I'm just keeping an open mind about this. MS could be bullshitting (wouldn't be the first time) or all these other gamers could (not outside the realm of possibility).

You're the one acting like you're so certain of the facts. If you're privy to evidence the rest of us aren't, do tell!

darcade

Sony got blamed for the actions of others, its Microsoft's turn.

DasPooch

@Jim - Nice how you turn it around and act like I'm claiming anything. Read my previous comments, all I've said is that in the absence of proof, the simpler and more likely scenario is probably true. Also, the dangers of being proven liars about a system-wide hack would be too much of a risk for a company like MS to take, making it even less likely.

Nowhere did I claim to KNOW anything, "mate". But please, keep playing the role of Nancy Grace for Dtoid.

darkwonders

Why is it that everyone was so quick to burn Sony at the stake, but act like MS can do no wrong?

How does it feel to be sucking the corporate MS cock?

Jim Sterling

You seem to know the passwords that 99.9% of Xbox Live users have made, though.

Are you the one fucking stealing them!?!?!?!??!?!

DasPooch

@Jim - Oh, give it a fucking rest, you clown. Are you honestly going to sit there and claim that most people don't use the same passwords for fucking everything? Between daily demonstrations of user stupidity across all industries and home users, there have been plenty of anonymous surveys where people admit to this shit. Hell, I guess all those people who are shown to leave their wifi router admin passwords as the default "admin" or "password" are just make-believe, right?

ChaosTeaCup

OOOhhh Jim. 2 months ago you were saying the same thing that MS are saying now. I forget how fickle you youngsters are, ho ho... I was phished; hacked; had my account stolen and 11000 ms points bought with my card. I can tell you that the customer services in the UK were very helpful and restored my account to me within 10 days (though they warned me 21 days) and re-imbursed the moneys to my bank a few days later. Whilst I imagine there are a few bogey cases whereby people are genuinly fucked over, I find gamers who do their talking on the internets probably the least most trustworthy source of genuine account. Or maybe I'm just lucky, or maybe I didn't act like a dick on the phone? Who knows?

D4Gamer

Doesn't surprise me..

www.deals4gamers.com

Jim Sterling

"Oh, give it a fucking rest, you clown. Are you honestly going to sit there and claim that most people don't use the same passwords for fucking everything?"

I am not going to claim they do. Because I don't know.

Neither do you.

Dantronic

Most hackers like a little bit of a brag and a boast and if this problem is so rampant and wide spread then you'd think there would be online evidence of people discussing how this is being carried out.

I've been solicited many times over xbla for access to my account promising all sorts of rewards and bonuses the lure of this promise is just to strong for some people ( weak people ) The whole issue: it smacks of social engineering and phising.

Markusdragon

The problem is that we're asking the wrong questions. We're asking 'Is Xbox Live secure?' to which their answer, quite truthfully, is 'It's as secure as the rest of the industry, and we haven't been hacked.'

What we should be asking is 'Why doesn't Xbox Live have an equivalent of SteamGuard?' 'Why doesn't Xbox Live provide better protection from Phishing and Social Engineering attacks?' and 'Why doesn't Microsoft offer better customer service and security to those who have already been hacked?', which are far more specific and pressing questions, and far more difficult to answer.

TXYeti

"I am not going to claim they do."

But you'll still write a scathing, blame-heavy blog post based on your ignorance. If you're so unsure why fan the flames?

DasPooch

@ChaosTeaCup - Exactly. I find it hilarious that Jim (or anyone else) is willing to put a major video game console-maker on the same level of trustworthiness as the random, anonymous internet "user" who just wants to get online and bitch about what happened to them. Because lawsuits, fines, and potentially hundreds of millions in lost revenue is no big deal, and they'd never risk that to save face, right?

Jim Sterling

"But you'll still write a scathing, blame-heavy blog post based on your ignorance."

You must be new to Dtoid if you think the above article was *scathing*.

Dantronic

What could xbox live 'do' to protect against social engineering though? That is a pbcak.

Jim Sterling

"I find it hilarious that Jim (or anyone else) is willing to put a major video game console-maker on the same level of trustworthiness as the random, anonymous internet "user" who just wants to get online and bitch about what happened to them."

You're right. I am sorry I doubted Microsoft's impeccable integrity and I forgot that no company has ever been sued for doing something dodgy because the threat is always too great.

Dantronic

yes true, MS are hardly going to turn around and say ' actually yes the service has been compromised and we dont have a fucking clue how to counter it all your accounts are at risk as is all the content you've purchased GOOD LUCK! '

free touch

@Jim: this just in, the whole xbox 360 3 red rings? All your fault. I simply cannot believe a company would push out a device earlier without fully testing it, while using cheaper solder to save a few bucks here and there. More likely than not, it was the users fault for playing the system.

TXYeti

"You must be new to Dtoid if you think the above article was *scathing*."

Nice try, but you're avoiding the point.
Fact is, you claim "open mindlessness," but anyone can see you view as anything but, based in your ham-fisted article. That's all I'm saying.

Stinky

Och wee Jimmy, yer ban trolled.

ChaosTeaCup

Of course MS have previous, and corporations have been shifty since their inception, but I'm just saying as a genuine victim of this scam I was dealt with promptly and helpfully, and so I just have to wonder at the integrity of the anonymous internet rant (of which, I appreciate, I am as well), especially when PS3 vs Xbox has turned gamers into some of the most horrible, disingenuous little shits on the planet). I'm a big fan of Jim's blogs, but I can't say that my experience of this issue rings true with the shitstorm Jim is hoping to Popcornulate to.

prev	next 50 comments

Comment with Facebook

Click connect and comment instantly!

Comment with Dtoid

New? SIGN UP - it takes 5 seconds

Comments policy

Destructoid is an open discussion community. You don't need to "audition" to post a comment - just speak your mind. We respect differing opinions on the site, so have at it. Be smart, funny, insightful, clueless, or cute -- but back it up with substance. Keep your cool, keep it fun. We only ask that you act respectfully and above all: don't be a troll and ruin it for everyone else. Don't bring down gamers or we'll, you know, gently shoot you in the face and stuff you into a flaming mailbox. Each comment is your opportuntity to make this community awesomer. Is that even a word?

Avoiding the banhammer only requires common sense: spamming, trolling, racism, NSFW stuff, and other forms of sucking will not be tolerated. If anyone is griefing please report abuse. Be good. Don't suck!

All editorial content, including blogs, comments, and forums written by our community, are protected by a Creative Commons License permitting non-commercial sharing requiring attribution. Destructoid aka ModernMethod is an independently-run company forged by our childhood love of video games and adulthood hatred mainstream video game press.

Living the dream since March 16, 2006

BBcode help
[b]Bold text[/b]	Bold text
[i]Italic text[/i]	Italic text
[url]http://www.dtoid.com/[/url]	http://www.dtoid.com
[url=http://www.dtoid.com/]Web link[/url]	Web link
[img]http://www.example.com/robot.jpg[/img]