Microsoft confirms 'high-profile' XBL accounts targeted in new hack

Xbox maker says it is aware of attackers using social engineering to compromise accounts of current and former Microsoft employees.

Microsoft has acknowledged that a number of "high-profile" Xbox Live accounts held by current and former Microsoft employees have been compromised. According to The Verge, the hackers used employees' Social Security numbers and a form of social engineering to gain unauthorized entry to the Xbox Live accounts.

Microsoft told The Verge that it does not collect or use Social Security numbers for Xbox Live accounts and that the hackers were able to access the accounts through a third-party.

"We are aware that a group of attackers are using several stringed social engineering techniques to compromise the accounts of a handful of high-profile Xbox Live accounts held by current and former Microsoft employees," a Microsoft spokesperson said.

"We are actively working with law enforcement and other affected companies to disable this current method of attack and prevent its further use," the statement goes on. "Security is of critical importance to us and we are working every day to bring new forms of protection to our members."

Microsoft urged Xbox Live users to familiarize themselves with the company's account security guidelines and establish a system of proofs.

Written By

Eddie Makuch is a news editor at GameSpot, and would like to see the Whalers return to Hartford.

Want the latest news about Xbox 360?

Xbox 360

Xbox 360

Follow

Discussion

169 comments
klonoa53
klonoa53

Oh wait, this is old. Well jolly good show lads.

klonoa53
klonoa53

Hello, Im from the side of Sony PSN Maintenance, here to wish you guys good luck in your times of troubles. Have a nice day Micromen.

vicke32
vicke32

Heh, I remember in my school a few years back that someone went around searching for sites with default login/password anywhere, if he found one he simply pasted the logins/passwords of everyone on the site on the front page.

Riverwolf007
Riverwolf007

here is my information. congrats, now you are a hacker.

JimmyTwoGunz
JimmyTwoGunz

why is everyone surprised, could of sworn x-box just like ps3 has dealt with stuff like this in the past, why start a fan-boy war. if systems are going to be online hackers will always find ways to mess with them.

Gigas_Yuu
Gigas_Yuu

At least the service is still up, cows.

warhawk-geeby
warhawk-geeby

I hate hackers, the PSN hack pissed me off no end.

What I will say though is at least it goes to show Microsoft's beloved console isn't immune to the problem.  Should shut some of the fanboys up.

We're all being affected by this together, regardless of your console of choice.  Quit with the bitching and focus on the real matter at hand, the security issues of our personal information.  Hackers are a plague on one big power-trip.

Cashmoney007
Cashmoney007

An Xbox can get hacked? No way!  How can this be?  The 360 is suppose to be able to block all hackers!  Maybe the hackers can hack the Kinect also and find a way to make it work a lot better.

Gamer_4_Fun
Gamer_4_Fun

Here that? You xbots aren't so important to be hacked, :D

sunyatanada76
sunyatanada76

Where is queing for ps4? he would be all over this.

pound-u
pound-u

LOL at all the pathetic xbox fanboys who kept saying no one could hack live because you pay money.

GamerzUltd
GamerzUltd

It goes to show you that no one is safe, xbl, psn, ayed service, free, it just doesen't matter. Stay safe folks. :-)

www.gamerzultd.com

www.facebook.com/gamerzultd

Twitter @gamerzultd

blackace
blackace

Sounds like they got busted before any harm was done. Good job Microsoft.

thebeachguy90
thebeachguy90

Just goes to show that NOWHERE is it safe to put your info. You are at risk as soon as you give it out anywhere.  Xbox, PS3...it doesn't matter.  Hopefully this will shut up the idiots that swore that these things never happen on XBL and thought the service was guaranteed safe.  Such naivety.

jessie82
jessie82

and the point of hacking an XBLA is? i havnt used xbox live for years and the last game i got for it was fable 3 on release theres just no reason to use it as whatever it can do my pc can do better and theres more likely to be a sale on a pc game than a console game

xhawk27
xhawk27

The FBI should be on this. They stole Social Security numbers that is a federal crime. 
They have better not stole Major Nelson's account because they signed their own death warrant then. He is a bad ass. ;)


Angelsoft717
Angelsoft717

They currently have the social security numbers of several people, and their first move is to hack their XBL accounts? Wut.

Dezuria
Dezuria

Social engineering is not "hacking." it's taking advantage of dumb people.

TruthTellers
TruthTellers

Boy, I wish I had Bill Gates' Social Security number...

vannacut
vannacut

only time i was hacked on xboxlive was by the microsoft itself, when they hacked into my account where i had my credit card info ,and pulled 60 dollars for subscription renewal without me  being aware of it. (they even get pissed and ban you if you dont update your credit card info and the transaction is not approved) :p

rasterror
rasterror

They gained their SS numbers and other personal info and they only cared to get into their Live account?  What idiots!

Diablo-B
Diablo-B

@JimmyTwoGunz You guys should read a book on cyber security. If only you knew how vulnerable many critical systems are. One day a major disaster/tragedy will be caused by a compromised system and lives will be lost. Video game account hacks are the least of our worries.

TTDog
TTDog

@Gamer_4_Fun Access through a third party is hardly the same as MS themselves being hacked.

Grimkillah
Grimkillah

@Cloud_imperium That article is a clear lie, if you were a console developer, you are interested not in used game, but rather monthly subscription fees. Used game does not take away your potential earnings, rather it adds to it. Since more people will play online for longer duration than the initial six months, this means more monthly fees from more people. Used games might be troubling game developers, but not console developers.

TTDog
TTDog

@sunyatanada76 Maybe kindergarden has started up again and he's busy finger painting.

GinsuVictim
GinsuVictim

@pound-u Do you even understand what the article is talking about? Live wasn't hacked.

WolfGrey
WolfGrey

@pound-u They get hacked ALL the time, they just don't report it usually. And they aren't very nice to people who get hacked either.

My mate got told it was his fault for getting hacked and they didnt restore his account for two months.

COPMAN221ISBACK
COPMAN221ISBACK

@Dezuria And sadly those dumb people are Microsoft employees. That's pretty ironic don't you think? :)

PumpkinBoogie
PumpkinBoogie

@rasterror Hmm, somehow I highly doubt if some was dubious to get their hands, say on Bill Gates SSN, that his Live account would be the only thing they screw w/.....

MS probably just made that asinine statement just to try to soften how bad this really looks for them (not to say that helps for those how's shit was compromised like this). 

Grimkillah
Grimkillah

@Cloud_imperium Think of it this way. Game A can't be reused on a different account, I therefore won't buy it, game developer get no revenue, console developer get no monthly fee. If Game B can be played freely, I buy it second hand off Gamestop, Game developer still get no revenue, but now I need to purchase monthly fee to play online, console developer is happy.

Noosh0tron
Noosh0tron

@GinsuVictim @pound-u duhhhhhh....

Microsoft confirms 'high-profile' XBL accounts targeted in new hack.... do you need someone to read it to you??the hackers used employees' Social Security numbers and a form of social engineering to gain unauthorized entry to the Xbox Live accounts.  IE. XBL HACKED. last time i checked my xbl account was on xbl. 

 H

IceJester45
IceJester45

@GinsuVictim @pound-u I'm not sure if they don't understand the article or if they're just really desperate to find something they can point to and say, "See? Microsoft gets hacked just like Sony does."

rasterror
rasterror

@PumpkinBoogie @rasterror  Well at least they let people know.  I lost $400 to the SOE hack even though I got it back weeks later.  It took Sony how long to cough up that they were hacked and that they fired their internet security team weeks before?

Cloud_imperium
Cloud_imperium

@Grimkillah @Cloud_imperium Before writing stories you should have read my comment . Never said about being truth or lie . I said get ready for console wars which happens no matter what you write . Correct me if I am wrong .

godhand1942
godhand1942

@rasterror @PumpkinBoogie Did you guys even read?
"the hackers used employees' Social Security numbers and a form of social engineering to gain unauthorized entry to the Xbox Live accounts."
Here is more useful info:

Evidence pointing to hacking collective Team Hype's alleged involvement surfaced when videos depicting its efforts were found online; videos that demonstrated the group's reported use of illegally obtained Social Security data to gain access to and sell off Xbox Live user accounts. 

My opinion is that everything can be hacked

rasterror
rasterror

@PumpkinBoogie @rasterror BBut 77 million accounts weren't hacked into.  And yes having your social stolen is terrible having your banking info stolen is next to it.  Even though they weren't hacked directly, MS needs to make sure their third parties' security is up to snuff.  After that Sony fiasco though I dropped PSN and SOE all together.

PumpkinBoogie
PumpkinBoogie

@rasterror @PumpkinBoogie ....and while nothing happen to me, your point? It didn't take Sony that long at all to acknowledge the issue--it just took them to fix it. <_<

And let's be for real here, no matter how shit went down w/ Sony--nobody's SSN was compromised. MS didn't really have CHOICE but to say something when it's that magnitude of a fuck up where someone's life--aka their SSN-- is floating out in the open. 

Credit/debit cards can be replaced; funds can be returned (once the suspicious transactions can be verified). But when someone has your SSN that's a helluva scarier prospect for life damage we're talking about.