At 1:30 pm Eastern, I almost flipped my lid again. I got an e-mail at my Gmail account that a password reset had been requested for my Windows Live ID. "Those Sons of Bitches!" I thought (and probably said out loud) as I sprung into action. I wasn't going to let these nefarious, probably foreign (because I'm casually racist) hackers get my account again. And with Microsoft on the case, no less! The indignity of it was too much.
As I was furiously trying to write down the bizarre, super-strong password I'd chosen for my Windows Live ID, I got another e-mail, this time from Xbox Customer Support. It was informing me the investigation was over, they had temporarily taken control of my account, and I would soon be seeing (HA!) an e-mail instructing me to reset my Windows Live ID password. Microsoft has identified fraudulent charges and refunded the price of the $1600 MS points, plus restored 2500+ points I had on my account. I knew the hackers had gotten some points, because I have the terrible habit of buying 6000 at a time and just leaving them there for impulse purchases. Or rather, I HAD that habit, before this. I got a code for a one month free extension of Gold and the offer of 800 MS Points to reset my Gamertag if it had been compromised. Luckily, it hadn't.
While I had visions of this being a drawn out nightmare, it really couldn't have gone more smoothly. A friend of mine did get his account hacked yesterday, and I hope the hackers didn't grab his GT off my friend's list. I'd feel bad if that were the case. I think it's been said that the unexamined life isn't worth living, so I asked myself if I learned anything that I could pass on. I think I did:
1. Take password security seriously. Use strong passwords and DON'T REPEAT THEM. I know I didn't get phished. I know I didn't get socially engineered out of a password. If I had used a little stronger password and not fell into the trap of using a moderately strong password in multiple locales, maybe I wouldn't have been as easy of a target to hack.
2. I should diversify my gaming habits. The thought of being 360-less this weekend, before a week abroad on business, was frightening. I have a Skyrim character to continue! I have an unwrapped copy of KoA: Reckoning to start! I also have a bitching PC and a stack of PS3 games 2 feet high I've barely touched. I need to get on the stick and clear out this backlog some. I hear Uncharted 2 is AWESOME.
3. Sometimes, the companies you do business with come through. I feel terrible for the people who have spent 30, 60, 90 days or longer without access to their Live accounts. If you're vehemently anti-MIcrosoft or anti-corporation, this won't change your mind, but they did right by me. I'm nobody special to the, just a paying customer, but some companies realize you need customers to turn a profit. I work for a large, multinational company, but it's a means to a paycheck. Ultimately, I want the company to be successful so I'm paid well, and we need customers for that to happen. Even a big company like Microsoft should recognize the need to be customer-focused on issues like this. I hope my experience is closer to the norm than those horror stories, and it's a sign Microsoft is improving in its investigation processes and tightening up the security gaps that made this possible.
And finally, I have a special message for the hackers who did this: I don't know who you are. I don't know what you wantg, exactly, but it appears to have something to do with FIFA and the Ultimate Team. If you are looking for rare cards, I can tell you I don't have them. But what I do have, besides the abiulity to rip off Liam Neeson monologues, is a sick, bizarre need to increase my Gamerscore by a set number of points per year. My goal for this year was 7000, and I just wanted to say thanks for getting me 20 points I would NEVER have otherwise gotten. Since I got my MS points and cash back, I almost feel like I owe you one. Almost. Thanks anyway!
Hack noticed: 10:20 am, Wednesday February 8
Hack Resolved: 1:30 pm Friday, February 10
Total Elapsed time: 51 hours, 10 minutes.