xbox xlive account hacked

38
Found 10th Nov 2011
some one managed to compromise my xbox live account and purchased 6000 points at 50 quid. Only noticed when I couldnt login and then got an email from paypal about the purchase (Paypal is linked to my debiti card).

Was on the phone straightaway to Paypal who have opened a case and Microsoft who have suspended my account until investigation complete. Also rang the bank who said they couldnt do anything.

Anyone had this problem if so, how long does it take Microsoft to complete investigation and whats the chance of me getting my money back.

I was under impression XBox live was very secure, but obviously not.
Community Updates
MiscXbox
38 Comments
xbox live aint secure at all in the respect that it can auto log you in and stores your card details for puchases (should you have that enabled, my boy did similar and bought a game with no confirmation screens or password check) hack wise you aint been hacked its someone who has been at your house or something.
Nailez

xbox live aint secure at all in the respect that it can auto log you in … xbox live aint secure at all in the respect that it can auto log you in and stores your card details for puchases (should you have that enabled, my boy did similar and bought a game with no confirmation screens or password check) hack wise you aint been hacked its someone who has been at your house or something.



I assume MS can use IP to trace where the purchase was made and serial number of console it was made from etc.
I have edited your OP, please don't avoid the swear filter with misspellings.
zappp64

I assume MS can use IP to trace where the purchase was made and serial … I assume MS can use IP to trace where the purchase was made and serial number of console it was made from etc.



Of course but IP is generally a range and id warrant a bet that its actually from your console, do you have children ?

Like i said with these purchases if you have auto login on and have used your card previously to buy points/live/games then when you select "to buy items" you get no password confirmation and are able to download it just like anything else within seconds.
Syzable

I have edited your OP, please don't avoid the swear filter with … I have edited your OP, please don't avoid the swear filter with misspellings.




HOLY CARP BATMAN! (incoming infraction i know)
Why would someone hack your account , to give you the points. Prob your kids, and M$ may not refund you if that's the case
Nailez

HOLY CARP BATMAN! (incoming infraction i know)



You can say crap crap crap crap. lol
did this to mine last year inform xbox live customer services, they sorted it and reimbursed me.
gizmat

did this to mine last year inform xbox live customer services, they … did this to mine last year inform xbox live customer services, they sorted it and reimbursed me.



Yes, but were the points purchased to your account or to another?
took a couple of weeks to get my card refunded mine was hack from an account in holland
OP was your Xbox Live password unique or do you use the same password elsewhere?
Always knew Fifa was bad
I had this the other month, but with my debit card which they failed to credit (My debit card company told me, so I removed my card from there by cancelling the card). How do they hack it? And why would they hack the points to our accounts it doesn't make sense.
Nope points to your own account does make no sense as I said earlier I had something kind of similar where my boy purchased a game due to me having auto login and payment details saved because i purchased live online.

I think this is another case of that.

@Adam considering its basically your msn/live account I would imagine its a case of hacking emails then trying them on the xbox live system ?
keep reading its done thru fifa how is that possible ?
Nailez

Nope points to your own account does make no sense as I said earlier I … Nope points to your own account does make no sense as I said earlier I had something kind of similar where my boy purchased a game due to me having auto login and payment details saved because i purchased live online.I think this is another case of that.@Adam considering its basically your msn/live account I would imagine its a case of hacking emails then trying them on the xbox live system ?



Yeah I still do not know what it would achieve by someone doing so. I don't have any kids so they wouldn't of done it because they don't exist. I don't buy points via live, and tbh not even sure how (I'm sure I could figure it out). I've only purchased one lot of points since I have had my xbox over 3 year period. I find it strange a lot of people are coming out with this and yet I can't see anyway of any hackers gaining from spending your cash on your xbox. I only put my card on there to pay for the £1 month access. Which I will never be doing again. Ghost in the system?

Dear Adam Evans, We have been unable to charge your credit card for your … Dear Adam Evans, We have been unable to charge your credit card for your Xbox Live 6000 Microsoft Points bundle purchases. The following credit card is the current payment method on your billing account: Credit card type: VISAYou will not have access to the service until you update the payment information for Xbox Live 6000 Microsoft Points bundle. If payment is due for other Microsoft services purchased with the above card, those services may also be affected. To view or change your billing account, go to https://billing.microsoft.com, and select one of the following options:To update payment information, click on the payment method's link under 'Payment type', on the next page click 'Go to payment method information', and on the next page click 'Edit payment method information'.To view a billing statement for a payment method, click the payment method's link under 'Payment type'.If you have already resolved this issue, please disregard this notice and accept our thanks. Thank you for using Microsoft Online Services. Microsoft Customer Support Note: Please do not respond to this message. To receive notifications at a different e-mail address, sign in to your account at https://billing.microsoft.com, select 'Go to personal information', then click 'Edit personal information', change the 'Contact e-mail', and click 'Save'. For more information on online safety visit http://www.microsoft.com/phishing.Microsoft respects your privacy, to learn more, please read our online privacy statement at http://go.microsoft.com/fwlink/?LinkId=74170Microsoft CorporationOne Microsoft WayRedmond, WA 980522929 N Central AvenueSuite 1400Phoenix, AZ 85012Form: 26



Why 6000? Why not less or more. Find it all a tad strange.
Xbox/MS is secure, your password is weak.
Edited by: "jonny619447" 10th Nov 2011
Have no idea as to the amount or why it makes little sense to me BUT wasnt their also ebay sellers selling xbox live points from "hacked" accounts you logged into the hacked account spent the points which enabled the content on your xbox.


*click makes sense now*
jonny619447

Xbox/MS is secure, your password is weak.



Well they haven't hacked any of my other accounts with the same password. So seems a bit wierd.
Havince

keep reading its done thru fifa how is that possible ?



People hack accounts buy 6000 points. They then sell them to people with the promise of a couple of hour window to use them in.

Its not done through fifa but as most people use the same details and passwords if they have your details for one account they most likely have them for your other accounts.

At the end of the day keep your password 13+ letters with a mixture of upper/lower case and capitals mixed in and you will be as safe as houses.
Adam2050

Well they haven't hacked any of my other accounts with the same password. … Well they haven't hacked any of my other accounts with the same password. So seems a bit wierd.



Xbox accounts are worth something to them, spam emails of sausage enlargement pills are not.


Edited by: "jonny619447" 10th Nov 2011
jonny619447

Xbox is worth something to then, spam emails of sausage enlargement pills … Xbox is worth something to then, spam emails of sausage enlargement pills are not.



Haha, no. Not a really simple password so they must be using some sort of programming skills to get in.
Adam2050

Haha, no. Not a really simple password so they must be using some sort of … Haha, no. Not a really simple password so they must be using some sort of programming skills to get in.



Most likely some sort of brute force program.

iv never used a credit or debit card on my xbox to buy anything so how can they purchase stuff ?????



jonny619447

People hack accounts buy 6000 points. They then sell them to people with … People hack accounts buy 6000 points. They then sell them to people with the promise of a couple of hour window to use them in. Its not done through fifa but as most people use the same details and passwords if they have your details for one account they most likely have them for your other accounts.At the end of the day keep your password 13+ letters with a mixture of upper/lower case and capitals mixed in and you will be as safe as houses.


Havince

iv never used a credit or debit card on my xbox to buy anything so how … iv never used a credit or debit card on my xbox to buy anything so how can they purchase stuff ?????



They can use your paypal details if they are the same as your xbox login details.



Edited by: "jonny619447" 10th Nov 2011
Adam2050

Haha, no. Not a really simple password so they must be using some sort of … Haha, no. Not a really simple password so they must be using some sort of programming skills to get in.



No, one of the other websites where you use that password has been hacked and your details compromised.

my son wouldnt buy points before consulting me, and always has done and I always buy as minimum points as he needs for what he wants to buy. So I am still suprised how they managed to get hold of my details to my live login.

My paypal email address/password is different to my MS email/password.


Edited by: "zappp64" 10th Nov 2011
zappp64

my son wouldnt buy points before consulting me, and always has done and I … my son wouldnt buy points before consulting me, and always has done and I always buy as minimum points as he needs for what he wants to buy. So I am still suprised how they managed to get hold of my details to my live login.My paypal email address/password is different to my MS email/password.



Does your son use the internet, he could have entered them on a phishing site.
zappp64

my son wouldnt buy points before consulting me, and always has done and I … my son wouldnt buy points before consulting me, and always has done and I always buy as minimum points as he needs for what he wants to buy. So I am still suprised how they managed to get hold of my details to my live login.My paypal email address/password is different to my MS email/password.



Does your account auto login or not on the xbox?
jonny619447

Does your son use the internet, he could have entered them on a phishing … Does your son use the internet, he could have entered them on a phishing site.



He does but only YouTube doesnt really go on any website nor does he have any email accounts.

Nailez

Does your account auto login or not on the xbox?



I think it is auto login..

zappp64

my son wouldnt buy points before consulting me, and always has done and I … my son wouldnt buy points before consulting me, and always has done and I always buy as minimum points as he needs for what he wants to buy. So I am still suprised how they managed to get hold of my details to my live login.My paypal email address/password is different to my MS email/password.



And you have never linked your paypal account to your xbox live account?
If its auto login OP if I was you before you go into it too much with M$ ask your son if he made a mistake.
As someone has already mentioned.

If a hacker/fraud gets hold of your Xbox Live account, they can log in, buy a shed load of points, them sell the account to someone else to recover on another console.

They can then use those points to buy DLC etc and it doesnt matter who the account belongs too, it's the console the DLC is download to not the gamertag.

A friend of mine bought these points from some ropey looking Chinese type ebay site. They state that you are buying an Xbox Live account with X amount of points attatched to it. He then recovered that gamertag on his console and used all the points to download various DLC.
He then deleted that account from his console, signed back into his original gamertag and all of the DLC worked on his gamertag for the games he had.
Could have been someone hacked, bought the points then would try and sell the account?
some good news, PayPal have refunded my the £51 - just waiting on Microsoft to conclude with their investigations.

I have removed my PayPal account that is associated with from XBox live now.

Post a comment
Avatar
@
    Text

    Top Discussions

    Top Discussions

    Top Merchants