Tales of a FIFA Hack: Days 1 and 2

Posted by Asmo917 (395 posts) -

I have a terrible habit for a working professional: I can't resist checking my e-mail on my iPhone. I spend 8 to 16 hours a day staring at my corporate Outlook client, but when I hear my personal iPhone buzz, I have to look. Yesterday, I heard a buzz while I was in the middle of a conference call. Usually this wouldn't stop me from sneaking a peek, but I had one of my employees in my office with me. 40 minutes later, I was back to work with the buzz all but forgotten...until another one. The most recent buzz was some piece of spam, but the earlier message was from

MICROSOFT *XBOX LIVE with a subject of "Purchase Confirmation for 1600 Microsoft Points Bundle"

I'm not above adding something to my download queue for Live from the web interface from work, but I had definietly NOT purchased these points at 10:20 am on a weekday. I'm assuming most readers of Giant Bomb have read Patrick Klepeck's work on the "FIFA hack" or have heard about it from somewhere else; that's exactly what happened to me.

I immediately removed the credit cards I could from the account, changed the password and my Windows Live ID password, and left the office to call Xbox support from home to report the problem with my console info handy. The process was pretty smooth, and the support rep told me the investigation would take "3-7 days."

I'm going to try to document my experience as best I can, day-by-day. The unfortunate thing is that for business days 4-8, I'll be in England for work. I plan to let Xbox do their thing, and we'll see if I hear anything from Microsoft before that 7th day. If it wasn't for the work trip, these middle days would be a catalogue of my descent into madness.

I'm hopeful this is much ado about nothing. If this hits day 50 or so, there will be rage.

#1 Posted by Asmo917 (395 posts) -

I have a terrible habit for a working professional: I can't resist checking my e-mail on my iPhone. I spend 8 to 16 hours a day staring at my corporate Outlook client, but when I hear my personal iPhone buzz, I have to look. Yesterday, I heard a buzz while I was in the middle of a conference call. Usually this wouldn't stop me from sneaking a peek, but I had one of my employees in my office with me. 40 minutes later, I was back to work with the buzz all but forgotten...until another one. The most recent buzz was some piece of spam, but the earlier message was from

MICROSOFT *XBOX LIVE with a subject of "Purchase Confirmation for 1600 Microsoft Points Bundle"

I'm not above adding something to my download queue for Live from the web interface from work, but I had definietly NOT purchased these points at 10:20 am on a weekday. I'm assuming most readers of Giant Bomb have read Patrick Klepeck's work on the "FIFA hack" or have heard about it from somewhere else; that's exactly what happened to me.

I immediately removed the credit cards I could from the account, changed the password and my Windows Live ID password, and left the office to call Xbox support from home to report the problem with my console info handy. The process was pretty smooth, and the support rep told me the investigation would take "3-7 days."

I'm going to try to document my experience as best I can, day-by-day. The unfortunate thing is that for business days 4-8, I'll be in England for work. I plan to let Xbox do their thing, and we'll see if I hear anything from Microsoft before that 7th day. If it wasn't for the work trip, these middle days would be a catalogue of my descent into madness.

I'm hopeful this is much ado about nothing. If this hits day 50 or so, there will be rage.

#2 Posted by Demoskinos (14579 posts) -

Best of luck sir. This is a pretty shitty situation to be in. I hope everything shakes out for you.

#3 Posted by Asmo917 (395 posts) -

@Demoskinos: Thanks! I'm actually pretty positive and optimistic here at the start. I only got taken for $20 up front, and I'll have my attention focused elsewhere during the heart of the investigation. I'm hopeful this will be resolved quickly, and I feel like I know from Patrick's reporting that if I stay persistent, I won't be Live-less for long.

#4 Posted by MasturbatingestBear (1188 posts) -

Hopefully everything is fixed proper for you. How does it even happen? Need you have already played Fifa?

#5 Edited by Asmo917 (395 posts) -

@MasturbatingestBear: I played FIFA for about a week around its launch. This was the first year I've tried it. The term "FIFA hack" is a bit misleading if you're looking at the cause of the problem. I don't remember if this was from a Klepek report or something I read elsewhere, but the root of the problem is/was that the Windows Live ID (which is a parent to your Xbox Live account) website did or doesn't lock you out from continuing to try to access your account after X wrong password entries. So if someone knows my e-mail address, they can try to enter that with any password until they get it right. I had a medium strength password, and they apparently got it. From there, they were able to recover my Live account to a console that wasn't mine.

Since I have a credit card attached to my GT for ease of renewal, they were able to use that to purchase MS points. Where does FIFA come in? They use those points to buy FIFA Ultimate Team card packs. From there? I have no idea what they do with them. There has to be a way to monetize those, but I don't know what it is. they can also sell a cracked account, but since mine's locked down with a new password, it'll be no good to anyone. I presume and hope.

#6 Posted by big_jon (5709 posts) -

I uped my password to help protect me.

This edit will also create new pages on Giant Bomb for:

Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.

Comment and Save

Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.