Microsoft Lost $10 Million Worth Of Xbox Gift Cards In An Online Scheme

Achievement Unlocked: The $10 Million Heist.

26 Comments

In an age of cryptocurrencies and digital banking, gift cards may seem like a relic of the past due to their inflexible nature and many of them having expiration dates. But that didn't matter for one very cunning thief, who funded a lavish lifestyle with Xbox gift cards using a loophole in Microsoft’s online store. A Bloomberg report detailed how engineer Volodymyr Kvashuk managed to steal over $10 million from Microsoft before he was eventually busted.

It was the perfect crime: As an employee of Microsoft who was tasked with simulating purchases on the company's digital store, Kvashuk discovered that whenever he tested purchases of gift cards he would receive real codes. Kvashuk started small, generating Xbox cards in increments from $10 to $100 while working his day job of preventing the online store from shipping fake purchases of physical goods. Recruiting a few co-workers to help him in his scheme and using multiple profiles while routing his internet traffic through servers in Japan and Russia, Kvashuk would generate thousands of dollars' worth of gift cards and then sell them online for up to 55% off their regular price.

Please use a html5 video capable browser to watch videos.
This video has an invalid file format.
00:00:00
Sorry, but you can't access this content!
Please enter your date of birth to view this video

By clicking 'enter', you agree to GameSpot's
Terms of Use and Privacy Policy

Now Playing: Xbox Series X Video Review

Kvashuk even went so far as to build a computer program to increase the speed at which he bought gift cards, selling them in bulk on the marketplace Paxful, which allowed gift cards to be traded for cryptocurrency. One trader is reported to have paid Kvashuk 1.98 Bitcoins, then worth $17,240, for 300 Xbox cards. With all that Bitcoin and some crypto-investing, Kvashuk was able to purchase his dream lakefront home, but Microsoft's Fraud Investigation Strike Team--FIST--was onto him.

In 2018, FIST noticed a spike in online purchases using gift card codes and corporate investigators traced the irregular activity to two internal test accounts belonging to employees of the Microsoft store team, and these accounts were soon blacklisted after it was discovered that $8 million had been stolen. When a third account was activated and stole another $1.6 million in Xbox gift cards, the jig was essentially up.

Microsoft called in a veteran detective of Scotland Yard's computer crime unit, Andrew Cookson, to help assist FIST, and after reading through CSV data, Kvashuk's name turned up as one of the official test accounts that had bought some Xbox gift cards illegitimately in 2017. Kvashuk had already been connected to stolen codes that had been used at Microsoft's web store to buy three Nvidia GeForce graphics cards, which had been shipped to "Grigor Shikor" at unit 309 of the Norman Arms in Seattle. There was no Shikor living at the Norman Arms in that unit, but Kvashuk was living in unit 101. Busted.

A month later Kvashuk would be fired and in February 2020 he was charged with a number of crimes such as money laundering, identity theft, and wire fraud by federal prosecutors. In November of 2020, a judge sentenced him to nine years in prison. It's a wild story, with the Bloomberg report containing even more fascinating details, such as Kvashuk being the sole person responsible for global fluctuations in the price of Xbox gift cards on reseller markets at one point.

Got a news tip or want to contact us directly? Email news@gamespot.com

Join the conversation
There are 26 comments about this story