Xbox live accounts being hacked?

[Scraggles]

I woke up this morning to check my bank account(payday) and realized my total balance was smaller than my expected paycheck. I clicked to look further into the account and found that I was billed almost 80$ from microsoft. I immediately got on the phone with them. While on hold I checked my email to find 4 emails from them. 3 regarding points purchases, and a 4th titled 'Account Switch Confirmation'. That email stated that my region was successfully changed to Russia from the US.

Well. Currently Microsoft locked my account, pending an investigation. I've found that 4 of my friends also had their information stolen and used last night. I'm in New York, 2 are in the same town as me, 1 in maine, and 1 in california.

Microsoft claims the investigation will take roughly 25 days. I'm ****ed. They claim I'll be 'compensated'. I'm planning on getting my money back, and terminating any financial connection I have with them. If they were half a decent company would compensate me immediately. They guy claimed 'Well we have to make sure you didn't do it.' A) he could see that my xbox was used from the US last night. B) Another xbox with a matching serial number was accessed from Russia at about 7am. Then at 10am the SAME xbox was accessed from New York again. I told him "Well spaceman, I have to use more primitive forms of travel and as of right now it is impossible for a middle class new yorker to travel that fast."

While he found that funny, 25 ****ing days. I'd highly suggest that if you don't purchase stuff on a daily basis on xbox live, remove your credit card information just to be safe.

[Paul Ferson Veteran]

By any chance did you play FIFA 12? it's not Microsoft who are to blame - it seems to be a vulnerability with EA's online system and FIFA 12 in particular. It's happened before and people have reported someone playing FIFA 12 on the console. Unfortunately, the lock-out is part of Microsoft's policy but they will refund you, so no worries there.

[Scraggles]

No. I haven't played fifa at all. Last night I played Rocksmith, and Alan Wake. Today, this. When I logged on it said I had played Battlefield 3, which I don't even own.

[mattmatik]

I was victim of this at the beginning of September. It's not just a FIFA 12 issue, I assure you. Not sure what is going on. I ended up with $140 in refunded money from Microsoft and made a new gamer tag...and never put my CC info on LIVE again.

[DR3AMxCATCHER]

I got hacked back in September and had about $110 in charges added against me. Not sure what really happened, but Microsoft did confirm I was hacked and I removed all my information my old accounts. I also got a few months of Xbox Live as compensation for what happened.

[Skin]

guess maybe what happened to Sony also happened on a scale to MS... but they are treating them as one-offs and laying low.

[Rooster69]

guess maybe what happened to Sony also happened on a scale to MS... but they are treating them as one-offs and laying low.

Not even close. Peoples accounts are being compromised either through third party applications/companies that maintain individuals account information they put in or poor password strength. Sony was down right hacked, Microsoft is not responsible for third parties or stupid.

[DR3AMxCATCHER]

Not even close. Peoples accounts are being compromised either through third party applications/companies that maintain individuals account information they put in or poor password strength. Sony was down right hacked, Microsoft is not responsible for third parties or stupid.

I wouldn't go as far as stupid. Microsoft isn't perfect, they do have flaws in that system which they've admitted to me over the phone. I would also state that I have many different passwords, even though that might not make any difference. It is what it is and my issue got resolved fairly quickly.

[Scraggles]

I wouldn't go as far as stupid. Microsoft isn't perfect, they do have flaws in that system which they've admitted to me over the phone. I would also state that I have many different passwords, even though that might not make any difference. It is what it is and my issue got resolved fairly quickly.

How long did it take. I've got bills to pay and I can't wait '25 days' unless Microsoft is willing to pay any late fees.

[BajiRav]

I am not blaming the hack on you but why in the world would you directly link any online transaction directly to your bank account! (I am guessing debit card?) If you can't get a credit card, use the points card etc.

About account hack, have you checked your Windows Live account? Is it hacked or still in your control?

[Scraggles]

I am not blaming the hack on you but why in the world would you directly link any online transaction directly to your bank account! (I am guessing debit card?) If you can't get a credit card, use the points card etc.

About account hack, have you checked your Windows Live account? Is it hacked or still in your control?

The account is still in my control however Microsoft locked it down now. The person changed everything to Russian. They changed my address but they never changed my password.

[andy2012]

by no means am i telling any granny to suck eggs but make sure where you use your windows live account address change the passwords on those sites also.

[Timan Veteran]

This is going on ALOT recently, and ms hasn't said crap about it.

http://www.neogaf.com/forum/showthread.php?t=451055

[Scraggles]

I think we need to band together and inform the big sites/magazines so maybe ms will do something about it.

[Amerk_5]

Happened to my wife's account too. MS refunded 2 of the 3 charges for points but couldn't refund the 3rd because some of the points had been spent. We knew that it couldn't have been one of the kids because we were at our one son's football game. While MS did their own 25 day investigation we went to the bank to get a new debit card and dispute the charge that they didn't refund. The bank dealt with MS and the bank refunded the 3rd charge. Then after MS finished their investigation and unfroze our account, 2 weeks later that bank had them refreeze it because apparently they were still doing their own investigation. But MS did give us 2 codes for 2 months of Live for free.

[bdsams Veteran]

going to write this up now...

[Xtreme2damax]

I have an Xbox/GFWL account and some EA games, however I never purchased any points or linked a CC to my account as I have never felt compelled to waste money for points to buy useless DLC for things that should be included in the initial purchase to begin with or make no sense to waste money on. Steam is the only service I've linked a CC with so far and if I have any issues with them I will remove my CC as soon as I discover any unauthorized purchases. I also have a very secure password on my MSN/Xbox/GFWL account, I never fall for phishing scams or any scam for that matter and have no keyloggers or other malware on my computer.

Usually hacker skiddie groups like to gloat about their work and compromising a major site/service. I don't believe anyone has claimed responsibility yet which is unusual, had anyone claimed responsibility it might be possible to dig up details regarding how they were able to exploit the service(s).

[n_K]

If it's russia they wouldn't claim responsibility, they're in it for the money, and they don't want you knowing about it, like with the radiation poisoning in the UK the other year etc.

[Dotdot]

I had mine done last month for the ****ing Fifa Teams, MS got back to me 4 weeks later and im still waiting for the money to be refunded, so far in those 4 weeks all Ive got is an email telling me how to re-activate my suspended account :(. Will be on the phone to them tomorrow as im still ?50 down

[Scraggles]

This needs to be recognized by someone who matters so maybe Microsoft will do something about it. Anyone know what we can do? I'm willing to provide emails and bank statements if needed.

What confuses me most, Microsoft claims I may have to make a new account because they can't bring accounts back. How thefick does that work? You can transfer them TO another country, but not FROM?

[DR3AMxCATCHER]

How long did it take. I've got bills to pay and I can't wait '25 days' unless Microsoft is willing to pay any late fees.

I went through my bank Wells Fargo and had them rely messages with Microsoft. I had my money back within a few days from the bank, it took me a trip and a few phone calls with the bank. It took me about 2 days worth of calls with Microsoft. Overall time, about a month like they said. I did find out the person bought a lot of games on the Dashboard including GTA IV and BF:BC Weapon Pack.

[Lexcyn]

Yikes. This is why I usually just use pre-paid game cards for Live and points.

This is out of control it seems. MS really should be doing something other than saying it's going to take a MONTH to get back money you did not even spend.

[jbctech]

Funny that this was posted. This happened to me today. I woke up this morning with 2 emails from Microsoft confirming the purchase of 8000 Microsoft points. The points were all spent on those Premium Gold Packs.

I have a linked credit card, but it's strange because I almost never log in to Xbox Live (haven't been on in months) and can't think of any sites I've used to log into Microsoft services in a while. I do not own FIFA (or really any "newer" games for that matter), so it's quite puzzling how they got my information.

[DR3AMxCATCHER]

Funny that this was posted. This happened to me today. I woke up this morning with 2 emails from Microsoft confirming the purchase of 8000 Microsoft points. The points were all spent on those Premium Gold Packs.

I have a linked credit card, but it's strange because I almost never log in to Xbox Live (haven't been on in months) and can't think of any sites I've used to log into Microsoft services in a while. I do not own FIFA (or really any "newer" games for that matter), so it's quite puzzling how they got my information.

I agree with this. The account they hacked was an account I haven't really "used" since 2008. It was odd to me as well.

[jbctech]

I agree with this. The account they hacked was an account I haven't really "used" since 2008. It was odd to me as well.

Just looked at the profile out of curiosity and it looks like they did play FIFA through my account. Well I contacted Xbox Live Support this morning and had my account begin the Unauthorized Access Investigation. The $100 isn't a big deal, but I hope they figure out how this breach happened.