Microsoft Corp. on Wednesday said it is actively investigating reports of “fraudulent behavior and theft” on its Xbox Live online video gaming service, which has more than 6 million subscribers.”Recently, there have been reports of fraudulent activity and account theft taking place on the Xbox Live network,” Microsoft said in an e-mailed statement.
On February 11, an Xbox Live user posted a message on a Microsoft Xbox forum complaining about a hacked account and stolen credit card information.
Updated:
“We want to reassure all of our 6 million Xbox Live members that we have looked into the situation and found no evidence of any compromise of the security of Bungie.net or our Live network,” Microsoft said in a statement, tonight.
Sleep tight. Microsoft’s in control.
The Reuters story says a user reported credit card theft from a hacked account. If a MS account got hacked, doesn’t that imply we may soon read about theft of millions of credit card numbers there?
It happens a lot, granted, but since MS has been trumpeting security, I have to wonder how their PR agency will handle damage control if that’s how it turns out. Of course, the user might just be blowing smoke to cover up going over her credit limit. Wouldn’t be the first time, I bet.
I have an xbox live gold account, and you can’t GET your credit card information off it, even if it IS your own account. If anything you’ll see a partial credit card number displayed on the screen. Like with ANY online service, shop, or anything, you cannot retrieve personal info in the open like that.
If you were able to login with someone else’s XBL account on your Xbox, all you can do is buy Microsoft points, and buy a bunch of XBL Arcade games and videos and bill it to their credit card. BUT, you still have to be logged into that XBL account to play those games or watch those videos. Remember they use DRM and nothing is transferable, not even the microsoft points are transferable.
Plus most XBL accounts don’t have passwords (or passcodes like they did have prior to the 360) you do have an option to do so, but I’m sure the majority of 360 users use the auto-login to XBL for the convenience.
The only fraud that’s going on here is Xbox 360s that they keep DYING on me, and thousands of other gamers. I’m about to receive my 3rd Xbox 360 from the repair shop. I haven’t even had my first 360 for a year yet, and I’m going to be using my THIRD one in 9 months! Thank Gawd for Service Contracts, best $50 I spent!
To start, it’s InfamOuS with a capital ‘O’ not a zero.
Second, these malicious Xbox hackers are merely socially engineering tech support after brute force guessing some of the necessary pieces of information to access an account (such as to do a password reset or change the associated e-mail address.)
Last. this should be a reminder how fragile our online fun really is. Almost all personal internet security for memberships, forums, and some commerce, boils down to clear text POP3 and SMTP traffic on the wire(less) network, or the kindness of strangers on the phone.