Sugarfix

@xdup: It wasn't the first post I wanted to make either!

I had pretty much the same (without the EA account bit or transferring my gamertag) and it took MS about 30 days to correct it, but correct it they did.

I've had no response from MS (it's a surprise and a shock, I know) to my question of what they;re going to do about beefing up security to stop account being recovered to unknown consoles and also WHY they allow EA to sell DLC that can be transferred between accounts. If they allowed to to move ANY DLC, it wouldn't bite so much as I'd like to move some "Exclusive DLC" attached to my account to my nephew's account, but no, only certain stuff at their discretion.

Good luck in a speedy resolution and fund recovery!

@TooWalrus: A moustache. An annual charity Mo grow in aid of men's health awareness. A worthy cause.

mobro.co/sugarfix

Anyone else growing a mo for Movember?

@Branthog said:

You know, I hear stories about people having their accounts here or there "hacked" every day. It really comes down to a failure on their part, except for the rare cases where the servers on the other end have themselves actually been compromised in which case it isn't the user's fault, obviously. The same goes for viruses, frankly. I know it sounds mean to suggest that people themselves are a big part of the blame, but it's reality. They need to lock down the network they're using, use a better password, or guard their personal information better. In almost twenty-four years, I have never had a machine become infected and I've never had an account hacked. Not at school, work, home, on BBSes, the internet. Nowhere. Ever.

Then you have people who are varying degrees of careless. They're the ones that you see REPEATEDLY updating their facebook status to say "my account was hacked, again".

But as I pointed out in the other thread, I'me incredibly careful with my security and managed to reset my password while they were using my account elsewhere (I not only changed it on my pc using an on-screen keyboard in case I had somehow become infected with a keylogger but I also changed it on the XBox. I also changed the method of password reset to send an SMS to my mobile and not my email, in case they had access to that too) and yet, they were able to take control of my account again immediately. The only possibility is that they used the answer to my secret question and NO ONE could happen to stumble across the answer, in fact I doubt they'd manage it with a any kind of guess or brute force. I get zero results if I try and Google the answer.

However they did it, Microsoft could still do more to help prevent people spending YOUR money when they do mange to gain access like requiring the 3 security digits off the signature strip to confirm purchases or better still using the SMS feature to require confirmation before allowing your gamertag to be restored to an unknown Xbox.

Lax security on the users part is being matched in equal measure by apathy from MS on this one.

Well,

I've just been on the phone again to MS (I'm determined to nag them about it) and the call agent I spoke to said something really interesting: He said, and I quote "Oh yes, it's an issue with EAs servers". When I pressed him for more information, he was unwilling to go any further.

Just thought I'd spread the word...

Whether or not FIFA 11, 12 or MS or EA Customer Service is being used in some way to access users accounts, the REASON people are hacking accounts if BECAUSE of FIFA DLC. Remove the DLC, remove the problem.

I've just sent an email to FIFA just in case they weren't already aware of the current situation. I've outlined the suggestions I've made in this thread to them and suggested that they put some pressure on MS & EA as it's also FIFA's spotless reputation (ha ha!) that's being affected by MS's continued assertion that this isn't that big a deal.

@pemtaphalon said:

what realy hurt was an email i got from esaying they hope i'v been enjoying fifa 12, would i like to tweet about it....salt in the wounds man

I know exactly what you mean! It actually infuriated me.

Here's another thing they could try: If the spate of account hackings are all people using other accounts to purchase what I understand are trading cards that can be transferred between accounts, STOP SELLING THEM AS DLC UNTIL IT'S SORTED!

It's not rocket science Microsoft/EA.

Microsoft need to get their house in order over 2 things at the very least for me:

1: Stored credit card usage - I'd like to see some further requirement such as the 3 digits off your signature strip being entered each time you want to purchase DLC.

2: Gamertag recovery - If I can set my account to require a SMS text message to my phone before a password can be recovered, it's not beyond the wit of man to use a similar (if not exactly the same) mechanism to recover your gamertag to a console I've never used before.

Would anyone find either of those 2 additional security steps to be a burden in order to secure their account a little further?

Question: What should I use my blog for?

Righting wrongs?

Curing disease?

Solving the international credit crisis?

... Nah! I'll just have the XP for this quest please!