The lights are on
Microsoft claims the recent string of overseas phishing attempts against Xbox Live members is not a result of the service being hacked.
One such phishing scam was detailed on a Tumblr blog called “Hacked on Xbox.” User Susan Taylor had her Xbox Live account illegally accessed by someone who apparently then purchased a Family Gold Pack under her name and gifted points to other accounts that are later sold through online auctions.
In total, Taylor lost $300 from her PayPal account and has since been refunded for her troubles.
“Microsoft can confirm that there has been no breach to the security of our Xbox Live service. In recent cases, some Xbox Live members appear to have been victims of malicious scams,” a spokesperson said. “Unfortunately this is something that affects many Internet based services.
“The online safety of Xbox Live members remains of the utmost importance, which is why we consistently take measures to protect Xbox Live against ever-changing threats. However, we are aware that a handful of customers have experienced problems getting their accounts restored once they’ve reported an issue,” the company added.
“We are working directly with those customers to restore their accounts as soon as possible and are reviewing our processes to ensure a positive customer support experience.”
If you read that womans blog, it's pretty clear that she didn't fall for the phishing scam. That doesn't mean that xbox got hacked. Still, it is their system that allows for this type of behavior. These people steal accounts and sell them to others. It's pretty simple in how it works. He somehow found her password, changed it. Bought a bunch of xbla points and some family packs. Transferred the points to various accounts.
He then sells these accounts on an online auction house in Poland or somewhere. People buy an XBLA account with a bunch of games or points already on it for a discount and he makes all profit.
So it may not be a hack, but it is a breakdown in security.
I just read that woman's blog and it's horrifying! Also, it's unlikely she was the victim of a phishing scam. This kind of thing is EXACTLY why I don't have my credit card linked to my gaming accounts.
I don't think Ms. Taylor was a victim of phishing. Whatever happened to her was worse, and Microsoft really botched their handling of it. They better get their stuff together, no reason she should have lost that other $100+ dollars. They should have locked her account like they said they would.
This just happened to me good thing all I lost was some points and I froze my account in time
I haven't had any problems with my account, but if I did I would be pissed.
In other news the new Xbox dashboard sucks ballz. With all of the advertising and additional steps it takes to get around we should all be getting gold for free.
oh hackers and phisherrs you makes life interesting :/
At least she was reimbursed.