Xbox Live accounts of “high-profile” Microsoft employees have been targeted in a hacking attempt that has been linked to U.S. social security numbers. The company is now working with law enforcement agencies to track down those responsible.
The Verge reports that the hacks were made possible via loopholes found in third-party apps, which involve the collection of US social security numbers.
Microsoft issued a statement on the matter which read, “We are aware that a group of attackers are using several stringed social engineering techniques to compromise the accounts of a handful of high-profile Xbox LIVE accounts held by current and former Microsoft employees.
“We are actively working with law enforcement and other affected companies to disable this current method of attack and prevent its further use. Security is of critical importance to us and we are working every day to bring new forms of protection to our members.”
However, Microsoft made clear that it does now ask for social security numbers from any of its Xbox Live users, and stated that hackers have been targeting sites that do, and then tracing back the user’s Xbox Live details from there.
The statement explained, “Microsoft does not collect or use Social Security numbers in its services, including Xbox LIVE Gamertags or Microsoft accounts. Attackers are targeting high-profile Microsoft employees by social engineering other companies that do use this data to intercept security proofs from Microsoft to compromise the accounts.”
It comes as the Xbox Entertainment SAwards hub suffered a security breach yesterday, which left almost 3,000 gamertags, email address and voter names exposed. Read up on the breach here.