Rash of Live Accounts Hacked

#1 Posted by m0nk3y80y (181 posts) -

My Xbox Live/Windows Live account was recently hacked and a large amount of points purchased with my credit card. I have a friend who had the same thing happen to him last week and I have talked to three other people who have had this happen recently too. With the PSN hacked and personal information leaked, it makes me wonder if the Xbox Live service has been compromised too. Yet I have seen no news outlet or Microsoft say anything about this. Has anyone here on GB been hacked? I would like to figure out if this is just a small group of people hit or if this is a major problem. If you have had your Xbox Live account hacked let us know here and if this is a big deal maybe GB will help us investigate further.

#2 Posted by EuanDewar (5033 posts) -
@m0nk3y80y:  If XBL had been hacked we would have heard it by now, this is just you getting hacked.
#3 Posted by Azteck (7449 posts) -

SkyNet is moving on from Sony! PANIC!!!

#4 Posted by BraveToaster (12589 posts) -

You would probably get more info on the xbox.com forums.

#5 Posted by abdo (1037 posts) -
@m0nk3y80y: Glad to say I never used my card on XBLA, and after the PSN debacle probably never will. My advice is from now on buy point cards instead. You'll probably save money in the process.
#6 Edited by m0nk3y80y (181 posts) -
@EuanDewar:  Never hurts to ask around and make sure it's just an isolated incident.
#7 Posted by m0nk3y80y (181 posts) -
@abdo:  I'll probably start doing that.
#8 Posted by Gamer_152 (14091 posts) -

I haven't had it happen to me or heard of it happening to anyone else. Sucks that happened to you though.

Moderator
#9 Posted by blalala (122 posts) -
@m0nk3y80y said:
" My Xbox Live/Windows Live account was recently hacked and a large amount of points purchased with my credit card. I have a friend who had the same thing happen to him last week and I have talked to three other people who have had this happen recently too. With the PSN hacked and personal information leaked, it makes me wonder if the Xbox Live service has been compromised too. Yet I have seen no news outlet or Microsoft say anything about this. Has anyone here on GB been hacked? I would like to figure out if this is just a small group of people hit or if this is a major problem. If you have had your Xbox Live account hacked let us know here and if this is a big deal maybe GB will help us investigate further. "
Why would someone do this, I mean, what does the hacker stand to gain from buying points for your account? It seems quite odd to me.
#10 Posted by Lunar_Aura (2779 posts) -


[in my best junior high voice]

 

Asttuuuuupppiiiidddd!!!!!

#11 Posted by m0nk3y80y (181 posts) -
@blalala:  I don't get it either. Maybe the hacker hopes that if their hack enough accounts they'll find one or two people who don't use their account anymore or are just too lazy to care and then they can use those accounts as they own.
#12 Posted by RichardLOlson (1852 posts) -
@abdo said:
" @m0nk3y80y: Glad to say I never used my card on XBLA, and after the PSN debacle probably never will. My advice is from now on buy point cards instead. You'll probably save money in the process. "
Yea I have to agree, I just buy the point cards and renew cards.  Saves money and I don't have to worry about shit like this.  It does suck that it happens and I think people who do this kinda shit need to get there heads bashed in.
#13 Posted by StaticFalconar (4849 posts) -

It surely is virtual  Armageddon if its true. 

#14 Posted by jaycro (7 posts) -

Hey, same thing happened to me! I've been looking to see if it happened to anyone else. They bought 10,000 points and bought a bunch of something called a " PREMIUM GOLD PACK " and " GOLD PLAYERS PREMIUM."

I woke up this morning and checked my email and saw a bunch of points notification emails. Really mad, but what're you gonna do? They took my account for 7 days while they look into the fraud. I just hope I get my money back.

#15 Posted by MagnetaHint (9 posts) -

Wow, this sounds serious. 

#16 Posted by Sogeman (872 posts) -

The only thing compromised is your shitty password or security question or w/e.

#17 Posted by jaycro (7 posts) -
@Sogeman said:
The only thing compromised is your shitty password or security question or w/e.
I guess that's possible, but my password on my windows live account wasn't changed. I went in today and updated it and I don't reuse that password anywhere.

But I just recovered my profile and there's a new game on it: FIFA 11. The only achievement is "Visit the EA Store." So I guess they bought some shit from the EA store on my account for some reason. I mean, there's no way they got anything out of this which makes me think they were targeting me, but I have no idea why anyone would. Just looking over my profile, the last time I played a game on my 360 online was last June when I played one game of Splinter Cell Conviction. I don't know anyone else who would want to fuck with my credit card and I don't know anyone who even owns FIFA 11.

It's just really frustrating. I don't think this is some wide-spread thing (although I guess it could be) since there's no profit being made, but it really inconvenienced me.
#18 Edited by RoachycaL (3 posts) -

 Long time member, first post!!!
 
Search for "Microsoft Points" on Tradetang.com
 
What these guys do is steal accounts then use the card to buy a large amount of points on a new silver account. They sell the silver account to people on this website for a discount. I have come across plenty of people on the net who buy these accounts for as low as £6 with 10,000 points on them. Most people dont know that they have been purchased with a stolen card however and simply think they are getting a great deal. I purchased one until I realized it had some random persons billing information on it and stopped using the account immediately...
 
Microsoft dont seem to want to do anything about it - if they find out they wipe the account clean of points but nobody gets prosecuted. It has been going on for years.

#19 Posted by Stefanten (55 posts) -
@RoachycaL: Wow.. Do you know how they manage to steal people's accounts? Keyloggers?
#20 Posted by MisterChief (832 posts) -
@Stefanten said:
@RoachycaL: Wow.. Do you know how they manage to steal people's accounts? Keyloggers?
Social engineering. Calling up some call center in India and saying that you forgot your password. That's all it is.
Online
#21 Edited by Ocean_H (290 posts) -
@m0nk3y80y said:

My Xbox Live/Windows Live account was recently hacked and a large amount of points purchased with my credit card. I have a friend who had the same thing happen to him last week and I have talked to three other people who have had this happen recently too. With the PSN hacked and personal information leaked, it makes me wonder if the Xbox Live service has been compromised too. Yet I have seen no news outlet or Microsoft say anything about this. Has anyone here on GB been hacked? I would like to figure out if this is just a small group of people hit or if this is a major problem. If you have had your Xbox Live account hacked let us know here and if this is a big deal maybe GB will help us investigate further.

Just wondering: VISA, MasterCard or AMEX?
 
Btw, Major Nelson and Stephen Toulouse's XBL accounts have been hacked not long ago. You can google on that.
#22 Posted by CptBedlam (4453 posts) -

Hacked accounts are not the same as hacked servers.
 
Well, I'd never usw my credit card with an XBL account ... heard many bad things and it's not that inconvienient to buy points and memberships somewhere else.

#23 Posted by MideonNViscera (2257 posts) -

It's probably all Hotmail's fault. Virtually everyone I know's Hotmail has been invaded over the past few years, mine included.

#24 Edited by RoachycaL (3 posts) -
@MisterChief said:

@Stefanten said:

@RoachycaL: Wow.. Do you know how they manage to steal people's accounts? Keyloggers?
Social engineering. Calling up some call center in India and saying that you forgot your password. That's all it is.
Yeah I believe sometimes they can get them through call centers but not very often. I had a friend who had his details stolen a few years ago by someone who did just that. I seriously doubt that this is the only way they get peoples info though. If you look at the sellers, they have sold thousands of these accounts - Microsoft would realize if it were that obvious.
 
I asked one of the sellers where they get them from and he told me that they buy them in bulk then sell them on. I would imagine the information is retrieved by engineered viruses which will essentially cast out a huge net and get some usernames and passwords back. 
 
Unfortunately someone is paying for all this. The victims get their money back from their bank I would imagine which means Microsoft are out of pocket as once the points are spent they cant be taken back.
 
Its a shame because its an awesome deal getting those points for that price, but there is always a reason why they are so cheap!
#25 Posted by m0nk3y80y (181 posts) -
@Ocean_H: Although I can think of much one could do with what brand of credit card I have, I hope you'll understand if I'm weary of handing out personal info.
 
 
Also, It has been nearly a month and this has not been cleared up. I have talk to Microsoft every week and generally the same answer, the department that handles compromised accounts is backed up and that my case is still pending investigation. To me this means two things: First, that lots of xbox live accounts have been hacked and secondly, xbox accounts are too damn easy to hack. This is just speculation, but that's all I can do right now, and thus why I reached out to the GB community. 
 
Worst of all, my account has been suspended till the investigation is over, so I'm locked out of a service I pay for because of some asshole with too much time on his hands.
#26 Posted by m0nk3y80y (181 posts) -
@jaycro: Let me know how long it takes Microsoft to fix your account. I had to call twice to get the process started for me. The first time the support guy was really helpful, but sent the request to the wrong department and they call and told me I was outta luck. The second person caught that mistake and sent it to the write place, but that was over 15 days ago. I've call to check up on it and all the billing guys can say is that someone is looking into it.
#27 Posted by melcene (3056 posts) -
@m0nk3y80y said:
@Ocean_H: Although I can think of much one could do with what brand of credit card I have, I hope you'll understand if I'm weary of handing out personal info.   Also, It has been nearly a month and this has not been cleared up. I have talk to Microsoft every week and generally the same answer, the department that handles compromised accounts is backed up and that my case is still pending investigation. To me this means two things: First, that lots of xbox live accounts have been hacked and secondly, xbox accounts are too damn easy to hack. This is just speculation, but that's all I can do right now, and thus why I reached out to the GB community.   Worst of all, my account has been suspended till the investigation is over, so I'm locked out of a service I pay for because of some asshole with too much time on his hands.
Welcome to having a digital account hacked.  World of Warcraft players know exactly what you're going through.  They get hacked, their virtual goods are all sold off, their account is used for "gold-selling," then the account gets suspended for illicit activities.  Then they go through the same run-around to get their account restored and maybe get their stuff restored.  It's not limited to Microsoft by any stretch of the imagination, but as you noted, you're speculating, based on your own experience, that tons of people must be having this experience.  I think we'd hear more of an uproar though, especially given that people were unable to use PSN, and many turned to XBL in the meantime.
#28 Posted by louiedog (2335 posts) -

This is why I don't have a card associated with my account. Amazon sells codes for points and live subscriptions which you can then just copy and paste on xbox.com. It's another 2 minutes of effort but often cheaper (even if only 20 cents or so) and you won't run into this situation.

#29 Posted by jaycro (7 posts) -
@RoachycaL said:
 Long time member, first post!!! Search for "Microsoft Points" on Tradetang.com  What these guys do is steal accounts then use the card to buy a large amount of points on a new silver account. They sell the silver account to people on this website for a discount. I have come across plenty of people on the net who buy these accounts for as low as £6 with 10,000 points on them. Most people dont know that they have been purchased with a stolen card however and simply think they are getting a great deal. I purchased one until I realized it had some random persons billing information on it and stopped using the account immediately... Microsoft dont seem to want to do anything about it - if they find out they wipe the account clean of points but nobody gets prosecuted. It has been going on for years.
Someone told me that, but they were spending the points they bought on these FIFA things.
 
Although I guess maybe they were planning on selling the stuff they bought?
#30 Posted by RoachycaL (3 posts) -
@jaycro said:
@RoachycaL said:
 Long time member, first post!!! Search for "Microsoft Points" on Tradetang.com  What these guys do is steal accounts then use the card to buy a large amount of points on a new silver account. They sell the silver account to people on this website for a discount. I have come across plenty of people on the net who buy these accounts for as low as £6 with 10,000 points on them. Most people dont know that they have been purchased with a stolen card however and simply think they are getting a great deal. I purchased one until I realized it had some random persons billing information on it and stopped using the account immediately... Microsoft dont seem to want to do anything about it - if they find out they wipe the account clean of points but nobody gets prosecuted. It has been going on for years.
Someone told me that, but they were spending the points they bought on these FIFA things.  Although I guess maybe they were planning on selling the stuff they bought?
Well I don't quite understand how but Microsoft detect the illegit points quite quickly (usually within a couple of days) and wipe the account back to 0 - so the sellers suggest that as soon as you get the account from them, to spend the points ASAP. This way Microsoft are actually losing out which makes me think they wont stand for it much longer. 
 
@Ocean_H - I'm sorry to hear about the mess you're going through with MS. Thats terrible service for suspending you're account. What the hell do they expect you to do? Because I'm a paranoid type of person I think I'm going to remove my billing information from my account!
#31 Posted by jhsauls (42 posts) -
@jaycro: Wow man, almost the exact same thing happened to me.  See my post that I started recently..didn't see this topic that was already started.
#32 Posted by jaycro (7 posts) -

Well, my issue is resolved now.
 
It wasn't the best customer experience I've had though. So the basic timeline is three weeks ago I called and they said that it'd be resolved in 7-10 business days, so about two weeks. They called me about five days later, but they just wanted to confirm my account information (my credit card is under my real name and my account is under a nickname so they were confused). They said that they'd be back in touch with me by the end of the day.
 
That was a little over two weeks ago without any contact.
 
Just today I called and asked for an update and they said the investigation was closed and my account is back online. So I said "that's great... but what about the money?" Then I got put on hold and he came back and let me know they determined that the charges were made when the account was not under my control and the funds will be back in my account in five business days (which isn't unexpected; these transactions can take time). But for my trouble they gave me a one month extension on my XBL! Hooray! Wait, actually I mean "well I hope so since I was suspended for a month during the longest investigation ever." They also credited me an astounding 360 points for my trouble.
 
So new topic: what can I buy for 360 points?

This edit will also create new pages on Giant Bomb for:

Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.

Comment and Save

Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.