hot  /  reviews  /  videos  /  cblogs  /  qposts

Xbox Live hacking is a very real problem

12:30 PM on 01.13.2012 // Jim Sterling
  @JimSterling

Microsoft says that recent thefts targeting Xbox Live users are isolated incidents, and often tries to portrays the problems as phishing scams -- effectively blaming the consumer. However, an eyebrow-raising amount of comments and emails seem to suggest that it's a big more common than that. 

A few days ago, I spoke with Susan Taylor, the hacking victim who famously exposed Microsoft's awful customer service. She let me know that of the two hundred emails she's received since resolving her own situation, one hundred and forty were from customers who have had similar experiences. Other emails came from those who have used black market sites -- places that sell accounts loaded with games bought using stolen Microsoft Points. 

"Quite a few people have also questioned the third party servers and services, but I am not seeing a trend in the stories I have read," Susan told me. "Some people have EA accounts connected to their XBL accounts, some people don't; some people have PayPal linked, others just their cards; most have never played FIFA 12.

"I personally have Uplay and Raptr accounts linked to my Xbox account. Unless people are outright lying to me, there is definitely not a specific service (aside from XBL itself) that absolutely everyone who has had accounts compromised has in common. Microsoft's arguments are looking very weak at best."

Microsoft has indeed tried to blame a variety of third-party services. One of my contacts said that a customer service rep blamed third-party servers, while FIFA 12 has been accused of allowing exploits to take place. The one unifying strand in all these stories is Xbox Live, however. 

A security flaw on Xbox.com has allegedly been discovered by one victim, who learned that indefinite password attempts allows a hacker to force his way into any Gamertag they like, just by learning the corresponding email address (which Microsoft itself makes easy) and assaulting the site with a password generator. Whether this is how the hackers are getting in remains to be seen, but it's the most credible idea so far, and it once again points to Microsoft. 

For right now, the only advice one can give to those users wishing to protect themselves is this -- do not have a credit card attached to your Xbox Live Gamertag. You can renew your subscription or add Microsoft Points using pre-paid cards bought in stores, without the need to open a conduit to your bank account on Microsoft servers. It seems to be the best way to keep yourself safe.

From what we've seen, this is a very real problem, but there are practical steps you can take to defend yourself. You're going to have to, because it seems Microsoft doesn't have what it takes to look after its own customers.



Jim Sterling, Former Reviews Editor
 Follow Blog + disclosure JimSterling Tips
Destructoid reviews editor, responsible for running and maintaining the cutting edge videogame critique that people ignore because all they want to see are the scores at the end. Also a regular f... more   |   staff directory

 Setup email comments

Unsavory comments? Please report harassment, spam, and hate speech to our moderators, and flag the user (we will ban users dishing bad karma). Can't see comments? Apps like Avast or browser extensions can cause it. You can fix it by adding *.disqus.com to your whitelists.

 Quickposts
Status updates from C-bloggers

gajknight avatargajknight
I fart, therefore I am.
extatix avatarextatix
Working on my next collection blog and holy shit, I should sell some stuff already.
Myles Cox avatarMyles Cox
My first word was "fart".
GoofierBrute avatarGoofierBrute
Philosophical question: if the only way to get Batman: Arkham Knight to run decently on my laptop is to lower all the settings and have it run windowed, am I really playing it?
Mike Martin avatarMike Martin
I'm farting right now.
Pixie The Fairy avatarPixie The Fairy
I farted in Gamestop today and wasn't blamed!
Jed Whitaker avatarJed Whitaker
I have never farted. #TrueLies
From Must Git Gud avatarFrom Must Git Gud
Getting banned soon!
VIRGO avatarVIRGO
Here's to hoping Nintendo makes mobile games as compelling as Pac-Man 256...
ScreamAid avatarScreamAid
I hate when a new game comes out and D-toid gets flooded with stuff about a game I don't know anything about and I'm just stuck here, sitting with myself and my freeware games...
Dreggsao avatarDreggsao
It is the middle of the night and Yu-Gi-OH is on TV. Are children with insomnia so common these days?
SeymourDuncan17 avatarSeymourDuncan17
My hair's done did and my Teddie cosplay is officially ready for next weekend's Comic-Con! Do I impress you, Sensei? [img]http://i.imgur.com/ZNlOmMf.jpg[/img]
ShadeOfLight avatarShadeOfLight
Replaying Tales of Symphonia for the first time in years, I only just now realized how random the plot is. Our goals are decided at Lloyd's whimsy, while we get major revelations just 'whenever'. Still a good game, but I'm proud to be #TeamBatenKaitos.
Dr Mel avatarDr Mel
Question Time! What's YOUR MGSV Helicopter music?
GoofierBrute avatarGoofierBrute
Today at work, I made a reference to the DK Rap in one of my news pieces. Any day that I get to do that is a good day.
gajknight avatargajknight
Everyone's playing MGSV...and I've just arrived in Skellige in The Witcher 3. At this rate, I'll get 'round to MGSV when the PS7 arrives.
RadicalYoseph avatarRadicalYoseph
Currently learning Little Trinketry from Valiant Hearts: The Great War on piano. [youtube]http://youtu.be/40fulS_olU8[/youtube]
Retrofraction avatarRetrofraction
MGSV is literally the Skyrim of stealth. 15 hours 3%... #Sneaker'sdelight
ThinMatrix avatarThinMatrix
The Kickstarter campaign is now live for Socuwan – the quirky indie MMORPG created by the community, for the community! https://www.kickstarter.com/projects/1465468930/socuwan-the-community-driven-indie-mmorpg
ScreamAid avatarScreamAid
Excellent video game OST's for the week (no particular order): 1) Super Stickman Golf 2 2) Lethal League 3) Crypt of the Necrodancer
more quickposts


Contest!


Seriously

Invert site colors

  Dark Theme
  Light Theme


Destructoid means family.
Living the dream, since 2006

Pssst. konami code + enter

modernmethod logo



Back to Top


We follow moms on   Facebook  and   Twitter
  Light Theme      Dark Theme
Pssst. Konami Code + Enter!
You may remix stuff our site under creative commons w/@
- Destructoid means family. Living the dream, since 2006 -