A 5-year-old boy managed to circumvent the Xbox One's security and log in to his father's account without entering the correct password.
Reported on the BBC, San Diego child Kristoffer Von Hassel has now been credited as a security researcher by Microsoft. In an alternate universe, the kid probably turned to the dark side, logged into your account, and pumped your life savings into FIFA Ultimate Team card packs.
The exploit, which has already been fixed, was discovered by Kristoffer after entering the wrong password when trying to access his dad's Xbox Live account. By first attempting to log in with an incorrect password, users are taken to a second verification screen, where the child found out that by simply filling up the password field with spaces he would be able to access the account.
After besting the multibillion dollar company, the preschooler said to local news station KGTV that he "was like yea!"
After realising what he'd done, however, Kristoffer said he "got nervous. I thought [Dad] was going to find out."
Kristoffer's father, Robert, also works in computer security. Technical wizardry must run in the family.
What did Kristoffer think was going to happen after his father reported the error to Microsoft? "I thought someone was going to steal the Xbox," he said.
For reporting the major security loophole, Microsoft gave the kid four free games, $50, and a 12-month subscription to Xbox Live.
"We're always listening to our customers and thank them for bringing issues to our attention," said Microsoft in a statement. "We take security seriously at Xbox and fixed the issue as soon as we learned about it."
|Martin Gaston is a news editor at GameSpot, and you can follow him on Twitter @squidmania|
|Got a news tip or want to contact us directly? Email firstname.lastname@example.org|