Sections

Microsoft denies XBL compromise despite outside account access

Tuesday, 18th October 2011 11:50 GMT By Johnny Cullen

Microsoft has denied that Xbox Live has been compromised, although admitted that there’s been outside access to “a limited number” of accounts.

Reports from all over the shop, including GAF and Reddit, indicate that hackers have gained access to their profiles and bought Microsoft Points, as well as FIFA 11 or 12 appearing on their gamercards.

Microsoft is currently sorting out the situation, but says the service as a whole hasn’t been compromised.

“We do not have any evidence the Xbox LIVE service has been compromised. We take the security of our service seriously and work on an ongoing basis to improve it against evolving threats,” said an MS statement to Ars.

“However, a limited number of members have contacted us regarding unauthorized access to their accounts by outside individuals. We are working with our impacted members directly to resolve any unauthorized changes to their accounts.

“As always, we highly recommend our members follow the Xbox LIVE Account Security guidance provided at www.xbox.com/security to protect your account.”

Latest

13 Comments

  1. Freek

    In order words, a few people used easely geuse-able passwords.

    #1 3 years ago
  2. Tech-N9ne

    Your Xbox live account could be also your MSN account, Zune account and a whole bunch of other MS services. This is how mine is setup, and I believe alot of other people. If one is breached, all is breached.

    MSN messenger is one of the main sources of these hacks, with people using all sort of IM clients all signing in with their Live Id username and password, the same as their Xbox live account, if they have one. These sort of hacks are unavoidable for careless people.

    This is different from someone or some group hacking into Microsoft servers and stealing user details like happened with the PSN hack.

    #2 3 years ago
  3. freedoms_stain

    Compare this headline to where the exact same thing happened on PSN last week, where’s the scare mongering this time?

    #3 3 years ago
  4. OrbitMonkey

    @3 C’mon man, you know that LIVE is unhackabubble!!

    #4 3 years ago
  5. Clupula

    @3 – that’s different! Sony don’t pay as much advertising money to websites as Microsoft do.

    #5 3 years ago
  6. Psychotext

    Related, it’s funny just how many security questions are easily answered by five minutes on someone’s facebook page.

    /thumbs up

    #6 3 years ago
  7. DUFFKING

    @3

    Because as the headline says, it’s because Live hasn’t actually been completely compromised. It seems to be people using social engineering to get passwords to EA accounts, which are then presumably the same email + password used on the live account. As opposed to there being a huge security hole allowing people to download everyone’s card details.

    #7 3 years ago
  8. Gama_888

    @3 yaknow i thought the exact same thing when i read this thread and its comments.

    One way or another the service has in some way been compromised, and yet everyone jumps to M$’s defense?? wtf?

    Admittedly this is a much minor thing than what happened to Sony, but if it were to happen to M$ in the same way, then i hope no-one would be defending them, considering your paying for that service aswell.

    #8 3 years ago
  9. freedoms_stain

    @7, I said last week, not months ago, I’m referring to this: http://www.vg247.com/2011/10/12/93000-accounts-compromised-in-psn-attack/

    Compare the headlines.

    And the “attacks” have near identical rings, except in one case the issue came to light because Sony announced it and the other came to light because people publicly complained, yet the more honest account is the one with the more negative implications.

    #9 3 years ago
  10. Joe Musashi

    @7 The incident last week was not the same as the one earlier in the year. It was entirely different but the headlines would make the casual reader believe they’re the same thing. #3′s statement is actually correct. I think you’ve just given a good example of how people’s understanding of events can be manipulated by headlines designed to startle rather than inform.

    (Not to mention the huge factual inaccuracy of your “allowing people to download everyone’s card details” statement. That’s not what happened at all. If you believe it is then you’ve been incorrectly informed.)

    JM

    #10 3 years ago
  11. neon6

    noone is safe

    #11 3 years ago
  12. DUFFKING

    @9

    Sorry, didn’t read your post properly.

    #12 3 years ago
  13. flomoloko

    This isn’t about bad passwords or social engineering. This is some type of system exploit originating out of China. It happened to me, and I am very good about security and not falling for any BS. If you have an XBOX Live gold account with a credit card attached, you better watch out.

    #13 3 years ago

Comments are now closed on this article.