Major Nelson admits xbox live security breach

"Earlier this week when I first heard about the "Xbox Live network hacked" story, I checked with the people on our end, and then posted about it. As originally posted, Xbox Live has not been hacked. That is still true. A security researcher, Kevin Finisterre, discovered not a hack, but the fact that some accounts may have been compromised as a result of 'social engineering', also known as 'pre-texting', through our support center. Kevin gave me a call directly and once I realized what he was talking about (he sent me some painful-to-listen-to audio files) I confirmed that the team is fully aware of this issue. They are examining the policies, and have already begun re-training the support staff and partners to help make sure we reduce this type of social engineering attack."

Read Full Story >>
The story is too old to be commented.
Foulacy5202d ago

yes! woohoooooooooooooo go microsoft!

FordGTGuy5202d ago

stupid tech support are dumb enough to give away all your information like idiots.

Skynetone5202d ago

It follows a number of complaints from gamers that their IDs, or gamer tags, have been taken over while playing.

The problems came to light after security researcher Kevin Finisterre reported his experience of a problem first-hand on his website.

In a statement Microsoft said it had found no evidence of any compromise of the security of Xbox Live.

Support run-around

As well as at least 50 other people complaining on the official Xbox forum about having their gamer tags stolen, Mr Finisterre also found clans (gaming groups) openly boasting about stealing accounts.

Some claimed the information was being extracted from people working for the Xbox Live support service

"One of the first posts said they were not stealing the account details but being given them by Xbox Live support," Mr Finisterre told the BBC News website.

A Microsoft spokesman told the BBC News website that "rumours about accounts being hijacked are false".

In a statement the firm said: "There have been a few isolated incidents where malicious users have been attempting to draw personal information from unsuspecting users and use it to gain access to their Live account.

"We think this is a good time to remind our members that they should never give out any of their personal information."

Mr Finisterre, who started a website in January revealing a different bug in Apple systems each day of the month, said he had believed his account had been affected.

"On Thursday last week I was playing Halo and a gentleman said he was going to steal my account," he told the BBC News website.

The next day he found he had been locked out of his account, with the explanation that someone else was using his gamer tag.

"I phoned Xbox Live support but was given the run-around," he said.

Begging for help

Eventually a conversation with a support agent, which he has recorded and put on his website, revealed that several other Xbox users had called with the same problems.

"They said there was nothing they could do and accused Bungie of being responsible," he said.

Bungie Studios is the Microsoft-owned developer of Halo and Halo 2. Microsoft also denies that the company had been hacked.

Mr Finisterre said he was unimpressed with the way Microsoft's support service had dealt with the problem.

"There are people out there begging for help and they clearly aren't getting it," he said.

Mattey5202d ago

its about time microsft stopped turing a blind eye to this i have had my account stolen and it sucks

Says you5202d ago

Now it wasnt really a hack only some one accidently hacked into some bodys XBox Live account and they say that Sony lies look what happend to one of there own Microsoft executive that lied to XBox 360 fans.

ronscrote5202d ago

I reported this to MS a few months ago but they just shrugged it off as a non-issue.