Earlier this week, a person who found that his Xbox Live account was taken over by hackers claimed to have discovered a way to use a scripted brute force technique to acquired Xbox Live passwords on Microsoft's Xbox.com web site. Now IGN.com reports that Microsoft has offered a response to that claim.
Microsoft's specific response is, "This is not a 'loophole' in Xbox.com. The hacking technique outlined is an example of brute force attacks and is an industry-wide issue." The response also included Microsoft's standard response for cases of people who have had their Xbox Live account highjacked, saying, "Microsoft can confirm that there has been no breach to the security of our Xbox Live service."
The fact remains that there are quite a few people who have gone public with their issues with Xbox Live accounts being taken over by outsiders. Microsoft continues to insists that those accounts might have been stolen via phishing scams or some kind of malware. The account holders also insist that they have not encountered any sort of phishing schemes nor have they detected any kind of malware programs.
Clearly there remains a disconnect between these two viewpoints and it seems like Microsoft is doing little to try to bridge this gap other than to say it is not the company's fault. However, the problem appears to be getting worse and worse. It's not clear if there will be any sort of breakthrough with this issue in the future.
14 Comments - Add comment