If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Unauthorized XBL account access may be coming from Xbox.com

It looks as though the Xbox.com website may be the source of the recent wave of compromised Xbox Live accounts, according to a report on Eurogamer.

Speaking with a source by the name of Jason and looking over the website AnalogHype, Eurogamer found the Xbox website allows for eight password attempts when logging into a Windows Live ID before CAPTCHA kicks in. This allows someone other than the account holder to run a password-generating script to gain access to the account before CAPTCHA recognizes the failed log-in attempts.

The person trying to gain access to the XBL account can simply find out the Windows Live ID by doing a Google search or by looking over a list of Gamertags which have played Xbox 360 games online.

Once a user name is chosen, a search for the account holder's email addresses is conducted, and then the culprit goes through a trial and error process trying to log into the account using the Windows Live ID system until successful, or giving up and moving on to the next account.

In other words, it's not an actually hack, like with last year's PSN debacle, but more along the lines of "brute force" unauthorized access with legitimate channels being used to gain entry into an account.

AnalogHype said this particular method of accessing accounts was discovered by a network infrastructure manager, who had his own XBL account broken into and 8000 Microsoft Points charged to his card.

Eurogamer contacted Microsoft, which said it is aware of the issue, but Eurogamer is still waiting for a formal response on the matter.

Sign in and unlock a world of features

Get access to commenting, homepage personalisation, newsletters, and more!

Related topics
About the Author
Stephany Nunneley-Jackson avatar

Stephany Nunneley-Jackson

News Editor

Stephany is VG247’s News Editor, with 22 years experience (with 15 of them at VG247). With a brain that lacks adhesive ducks, the ill-tempered, chaotic neutral fembot does her best to bring you the most interesting gaming news. She is also unofficially the site’s Lord of the Rings/Elder Scrolls Editor.

Comments