Psychotext
Member
I'd call them before you do anything else.
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
Hey, has your Xbox Live account been hacked/FIFA'd? Post here!
- Thread starter chubigans
- Start date
test_account
XP-39C²
I dont think it proves much. If Microsoft also does a forced password reset, why would they do this if they arent the source of the breach?Speedymanic said:
Speedymanic
Banned
test_account said:I dont think it proves much. If Microsoft also does a forced password reset, why would they do this if they arent the source of the breach?
Well that's kind of my point. You only do something as drastic as a password reset if a breach/something has happened that could have led to people's detailed leaking. The fact that they've also specified a date for which accounts will undergo a PW reset is also pretty suspect.
If MS had forced a password reset, it would be safe to assume that there was a breach/leaking of info on their end. I can't think of any other reason for a forced password resent.
EA seem to be trying to cover this by pretending it's for SWTOR, which makes it that much worse and pretty damn underhanded. The way EA (and MS) have handled this very from the day one has stunk. While at least MS came out and said there was no breach on their end (but failed to actually address the problem by introducing further security measures), EA didn't even bother denying a breach/leak, instead they just said that they haven't noticed an increase in any illegal activity of actual FIFA players (note, they don't go into specifics or even mention those who have never played FIFA, much like all of those in this thread and others) and tried to shift the blame to phishers/frauds.
:/
antiquegamer
Member
Yeah, I always find that PR answer by EA to be really skirting around the issue. They pretty much deflect the allegation and twist words around to make it seems that it's about FIFA hack, when it's actually Xbox Live account hack.
It's really annnoying that Microsoft is not put any measure in place by now to address this issue even if the breach is not from their end they really need to do something about it. The more people speculate and the longer this problem go on, it will only look bad for them regardless of where the leak is coming from.
It's really annnoying that Microsoft is not put any measure in place by now to address this issue even if the breach is not from their end they really need to do something about it. The more people speculate and the longer this problem go on, it will only look bad for them regardless of where the leak is coming from.
Dr Zhivago
Member
FIFA 12 is just a vector by which the hackers can transfer MS points into real cash. I'm not convinced EA are the weak link here - the last time there was a spike in hacking activity, it was stealing the accounts of people who'd been awarded Recon armour for Halo 3. The general feeling then was that it was hackers ringing up MS customer support and somehow tricking them into resetting passwords.
VibratingDonkey
Member
This douchebaggey PR period where they try to avoid shit hitting the fan is never not aggrevating. Y'know.
Multi-step authentication please. The title indicates it'll only apply to your 360 though, not your Live account, which would be odd.
There's an Xbox 360 Profile Protection option on your account page that wasn't there previously. Currently doesn't work though. Probably tied to this aforementioned dashboard security update.antiquegamer said:
Multi-step authentication please. The title indicates it'll only apply to your 360 though, not your Live account, which would be odd.
Garcia el Gringo
Member
I really hope I get my account back by the end of the month. I don't want to file a complaint with the Better Business Bureau, but that seems like the only way to get any actual help and prompt reimbursement.
I wish more people inconvenienced by this would speak up and make noise. Microsoft is getting away with having the slowest investigation ever.
I wish more people inconvenienced by this would speak up and make noise. Microsoft is getting away with having the slowest investigation ever.
A Twisty Fluken
Member
I don't know that I'd say "getting away," my experience was poor enough that I am adjusting my behavior spending money with them from here on out. I can't imagine I'm alone.
test_account
XP-39C²
Yeah, but i was thinking more about the dashboard update that Microsoft is doing. And also that they have that extra security added. Does that mean that there was an issue at their side previously?Speedymanic said:
Tonner Cyn
Member
As I mentioned in my post earlier, I got hacked last week. I lost some points but have not seen any other suspicious activity. I've changed my password and security question so I doubt they can get me again. I have not called MS just yet. Part of that is because I don't have a ton of time when I get home, part of it is because I know it will result in me not getting the Fall update and not being able to play MW3 online. Is there any problem in waiting? Or should I just go ahead and do it?
Speedymanic
Banned
test_account said:
Additional security features aren't really comparable to a forced password reset. They don't imply the same thing.
Additional security measures = trying to make a service more secure.
Forced password reset = trying to make a service secure again after a potential breach/hacking.
And the fact that they were hacked in June and are only now getting round to pushing for a password reset pretty much says it all about EA/Bioware.
Despicable behaviour from EA and MS' response to allow EA to keep running their shitty service on XBL is just as reprehensible.
Garcia el Gringo
Member
It sucks that we even have to consider this. I know I was contemplating reporting my unauthorized access and points stolen.Tonner Cyn said:
But always immediately report when something was stolen from you.
indigo-cyclops
Member
Santini said:
Thanks for posting this, I was going to but ya saved me the trouble of finding/compiling the info. This is how I removed my CC months ago from the shite of MS.
Do this method people, it works, and don't look back!
Doh ... I had the same pw with my ea and xbox account...
Well, fixed that. I didn't have any CC linked to my xbox account so they didn't buy any points, but they did spend all the ones I had, about 2000 worth on the fifa garbage.
I guess I got off easy compared to others, but will MS refund my points? Also any other accounts I should worry about? PSN and steam seem okay even though they use the same email...
Well, fixed that. I didn't have any CC linked to my xbox account so they didn't buy any points, but they did spend all the ones I had, about 2000 worth on the fifa garbage.
I guess I got off easy compared to others, but will MS refund my points? Also any other accounts I should worry about? PSN and steam seem okay even though they use the same email...
Psychotext
Member
I don't even know what the four button security pass code is.
-Date: August 22, 2011
-Damages: 10,000 points were purchased, but never spent. Account region changed to Russian.
-Currently: Account is locked and under investigation.
-EA: Yes, I have an account.
-Passwords: They were different.
-Account age: Xbox Live account since ~2006, EA account since ~2009 or 2010.
-Compensation: I disputed the charges to my credit card through Mastercard instead since MS was dragging their feet on it (and telling me specifically NOT to dispute them <__<). I've been refunded the $130 that was taken out of my account to buy the points. But my account is still locked.
-Four button pass code: no.
I doubt my hack has anything to do with the FIFA fiasco, but it's possible. I stopped the hacker before they could actually buy anything with the points.
The latest email from MS that was in English instead of Russian, said that I have to wait for at least another 30 days for the investigation to finish. This shit is ridiculous.
-Damages: 10,000 points were purchased, but never spent. Account region changed to Russian.
-Currently: Account is locked and under investigation.
-EA: Yes, I have an account.
-Passwords: They were different.
-Account age: Xbox Live account since ~2006, EA account since ~2009 or 2010.
-Compensation: I disputed the charges to my credit card through Mastercard instead since MS was dragging their feet on it (and telling me specifically NOT to dispute them <__<). I've been refunded the $130 that was taken out of my account to buy the points. But my account is still locked.
-Four button pass code: no.
I doubt my hack has anything to do with the FIFA fiasco, but it's possible. I stopped the hacker before they could actually buy anything with the points.
The latest email from MS that was in English instead of Russian, said that I have to wait for at least another 30 days for the investigation to finish. This shit is ridiculous.
Nexus Zero
Member
My account has been under investigation for three months and recently I had an email to tell me that my account location had been switched from South Africa to United States. I live in the UK...
Edit:
-The date it occurred
~ Beginning of August 2011
-Your "damages" (points spent, games played you don't own, etc.)
£70 of points bought and syphoned out of my account. Apparently I've had random DLC bought too
-Your current situation with MS (if your account is suspended, under investigation, etc.)
Under investigation
-If you have an EA account of any kind, or have played any EA games in the past few months
No that I know of
-How old your Gamertag/Live account is, and
3 years old
-Your compensation, and whether it's been resolved or not.
Not resolved, I think I've had my £70 back and so far I've had two 1 month Gold passes to use on a temporary account
-If your security question was changed, and if so, whether the new answer has Chinese characters.
I changed it back so I don't know
NEW: -Did you have the 4-button security pass code enabled for your account? (thanks ukresistance!)
Not that I know of
Edit:
-The date it occurred
~ Beginning of August 2011
-Your "damages" (points spent, games played you don't own, etc.)
£70 of points bought and syphoned out of my account. Apparently I've had random DLC bought too
-Your current situation with MS (if your account is suspended, under investigation, etc.)
Under investigation
-If you have an EA account of any kind, or have played any EA games in the past few months
No that I know of
-How old your Gamertag/Live account is, and
3 years old
-Your compensation, and whether it's been resolved or not.
Not resolved, I think I've had my £70 back and so far I've had two 1 month Gold passes to use on a temporary account
-If your security question was changed, and if so, whether the new answer has Chinese characters.
I changed it back so I don't know
NEW: -Did you have the 4-button security pass code enabled for your account? (thanks ukresistance!)
Not that I know of
-The date it occurred
~ End of September 2011
-Your "damages" (points spent, games played you don't own, etc.)
they bought 6000 points from MS but I was able to retrieve the money through PP
-Your current situation with MS (if your account is suspended, under investigation, etc.)
Under investigation
-If you have an EA account of any kind, or have played any EA games in the past few months
have fifa 11 on PC and madden 12 on 360
-How old your Gamertag/Live account is, and
since the original xbox so over 7-8 years
-Your compensation, and whether it's been resolved or not.
Not resolved, still waiting on MS which is fucking dumb!
-If your security question was changed, and if so, whether the new answer has Chinese characters.
havent checked but will do over the weekend
NEW: -Did you have the 4-button security pass code enabled for your account? (thanks ukresistance!)
Not that I know of
So since I dont have access to live right now can I create a new account and just use that for the meanwhile until they fix my old account and then de-activate live on my old account and move the arcade games to the new account? This is dumb that I cant use a service I paid for and there is no work around!
~ End of September 2011
-Your "damages" (points spent, games played you don't own, etc.)
they bought 6000 points from MS but I was able to retrieve the money through PP
-Your current situation with MS (if your account is suspended, under investigation, etc.)
Under investigation
-If you have an EA account of any kind, or have played any EA games in the past few months
have fifa 11 on PC and madden 12 on 360
-How old your Gamertag/Live account is, and
since the original xbox so over 7-8 years
-Your compensation, and whether it's been resolved or not.
Not resolved, still waiting on MS which is fucking dumb!
-If your security question was changed, and if so, whether the new answer has Chinese characters.
havent checked but will do over the weekend
NEW: -Did you have the 4-button security pass code enabled for your account? (thanks ukresistance!)
Not that I know of
So since I dont have access to live right now can I create a new account and just use that for the meanwhile until they fix my old account and then de-activate live on my old account and move the arcade games to the new account? This is dumb that I cant use a service I paid for and there is no work around!
black_vegeta
Member
"FIFA'd".
Lol
Lol
Garcia el Gringo
Member
That's cute. Even if this whole hacking is MS' fault or nobody's fault but my own due to somehow getting phished, I'll still be upset with EA for their Fifa DLC. It's obviously a problem. It's the motivation for the vast majority of these thieves. How have they not fixed this issue?big_z said:
If EA is leaking account info in addition to their shitty exploitable DLC then I'm not going to be happy with them at all.
Speedymanic
Banned
Garcia el Gringo said:
Because there isn't enough pressure on EA.
They'll only take notice when more sites start to report on vids like the one above and point the blame for the current 'hacking' squarely at EA.
Unfortunately, people try their damnedest to muddy the waters and point the blame at MS. It's why nothing's being done by EA, they feel they've gotten away with and are now, quietly pushing a forced password reset when they know the vast majority of gamers and many/all gaming sites will be busy with the bumper Autumn/Winter releases.
Disgusting behaviour from EA and we/gaming sites are all complicit because no-one is raising a stink/fuss/etc about EA's part in this. It's always shitty M$, etc.
test_account
XP-39C²
While i dont disagree too much with this, resetting passwords is also a way to keep things more secureSpeedymanic said:
At my mom's old work, there they had to change their password every month as a security messure just to mention one example. I dont know for sure if this is why Bioware does it now, but it is a possibility at least.But i agree, if MS has the slightest suspicion that it is because of EA, it is weird that they havnt done anything about it. I've seen reports that these types of hacks started months ago. Doing little about something if they might know where the problem is, that isnt very good security either :\ But if there is no proof of where the breach happeneds, then it can be more difficult to do something about it. But hopefully the hacks will stop soon.
The passwords were reset during the Bioware hack by the way. Here is a forum post from around when that hack happened:
"Our investigation shows that information such as user names, encrypted passwords, email addresses, mailing addresses, names, phone numbers, CD keys and birth dates from accounts on the server system associated with Neverwinter Nights may have been compromised. Accordingly, in an abundance of caution, we are emailing those whose accounts were potentially affected and either disabling their forum accounts or resetting their EA Account passwords."
http://social.bioware.com/forum/Bio...BioWare-amp-EA-Account-Holders-7653193-1.html
Well, it says "either", but it shows that passwords were at least in some cases reset. And i'm not sure if this forum is linked to the EA accounts.
Psychotext
Member
I wish there was something like that in the UK. I can't see Watchdog being particularly interested (nor Microsoft caring).Zerokku said:Know what it took before It was finally done (properly)? I filed a complaint with the BBB. That got Microsoft to respond real quick
Garcia el Gringo
Member
Congrats!Zerokku said:Well nearly 2 months after the hack, finally getting my last 4000 MS points refunded.
Know what it took before It was finally done (properly)? I filed a complaint with the BBB. That got Microsoft to respond real quick
People say that they get wonderful help when they file a complaint with the BBB. How was your experience?
RukusProvider
Banned
1.26 October, 2011
2. All points spent on EA related material
3.Called in TODAY day, account was suspended and was told it would take up to 5 weeks.
4.Have an EA/Origin account, which I had accessed BF3 beta just a week before. Lot's of EA interaction sadly
5. EA and Live accounts were same
6.Windows LIVE ID is from before 2006
7.Told it'll take upto 5 weeks
Right now, I went through and changed all related passwords. Let's see what happens.
2. All points spent on EA related material
3.Called in TODAY day, account was suspended and was told it would take up to 5 weeks.
4.Have an EA/Origin account, which I had accessed BF3 beta just a week before. Lot's of EA interaction sadly
5. EA and Live accounts were same
6.Windows LIVE ID is from before 2006
7.Told it'll take upto 5 weeks
Right now, I went through and changed all related passwords. Let's see what happens.
Got my account back yesterday. It actually scared me because I was trying to sign in on Xbox.com and my password wasn't working. I thought it was happening again. A few minutes later I get a password reset email and an email from customer support telling me that my password had to be reset, etc.
My account was locked from 10/21 to 11/15, so it wasn't too bad of a wait.
They miscalculated (somehow) the amount they owed me. The email said $10.49, which is what I paid for 800 MS points using my Paypal account a week or two before my account was compromised. That had nothing to do with it. So I called them up, told them that the thief only purchased Premium Gold Packs and Premium Jumbo Packs (the lady laughed when she saw all of them in my billing history) using Microsoft Points, and gave them my calculation of the amount used by the thief -- 3240 points. I was given a wait time of 7-10 business days for the refund, but today I check my email and it's already been done. Pretty speedy. They actually gave me 1200 more than the amount I told them, but I'm not complaining. I also got two months of Gold.
All in all, not a bad customer support experience. It's certainly been much worse for others. Hope you all get your accounts back soon.
My account was locked from 10/21 to 11/15, so it wasn't too bad of a wait.
They miscalculated (somehow) the amount they owed me. The email said $10.49, which is what I paid for 800 MS points using my Paypal account a week or two before my account was compromised. That had nothing to do with it. So I called them up, told them that the thief only purchased Premium Gold Packs and Premium Jumbo Packs (the lady laughed when she saw all of them in my billing history) using Microsoft Points, and gave them my calculation of the amount used by the thief -- 3240 points. I was given a wait time of 7-10 business days for the refund, but today I check my email and it's already been done. Pretty speedy. They actually gave me 1200 more than the amount I told them, but I'm not complaining. I also got two months of Gold.
All in all, not a bad customer support experience. It's certainly been much worse for others. Hope you all get your accounts back soon.
-11/15/11
-Emptied about 630 points from my account and bought $30 worth of games
-Account is locked for 25 days while they investigate
-Yes I have an EA account, played FIFA 12 and BF3 lately
-Same password for both accounts
-7 + year old gamertag
-They told me to do a chargeback on my credit card
-Security question was not changed
-No, I didn't have a 4 digit passcode on my account.
-Emptied about 630 points from my account and bought $30 worth of games
-Account is locked for 25 days while they investigate
-Yes I have an EA account, played FIFA 12 and BF3 lately
-Same password for both accounts
-7 + year old gamertag
-They told me to do a chargeback on my credit card
-Security question was not changed
-No, I didn't have a 4 digit passcode on my account.
Psychotext
Member
4 months! FFSAptos said:
...and they gave you a month of free live? Niiiiiiice.
Rickenslacker
Banned
I was playing Halo: Anniversary yesterday and I got disconnected from Live. Couldn't just log back in, I had to recover my profile. Couple hours later it happened again. Then I changed my password and it didn't happen for the rest of the night.
I guess I was gonna get Fifa'd.
I guess I was gonna get Fifa'd.
Garcia el Gringo
Member
I think he meant to say 4 weeks.Psychotext said:
http://www.neogaf.com/forum/showpost.php?p=32474672&postcount=104
Psychotext
Member
That makes more sense.
ColonelSkills
Member
So. I need a bit of a pointer, GAF.
I just get home from work and my friend asks why I've been on Xbox for half an hour but not responding to my messages.
I check, and lo, I can't log on.
So, I do what was mentioned in these threads, and immediately go to profile recovery. It says password incorrect. Luckily none of the security shit has been changed and I manage to change the password through the website's recover passwords feature and then I kick the offender off by doing a profile recovery.
I check billing.microsoft.com.
There has been no charges, and my existing point balance has not been touched.
I have a large profile, so I imagine I got super lucky and caught the guy as he was downloading that shit and booted him off.
Cycled password, redownloading my profile now.
That said, since none of the balances were effected and none of my information changed, what is my best course of action?
I will of course get my credit card removed from the service. I don't think that number has been compromised, has it? I would hate to do it again but I'd be willing to if I have to.
Basically what I'm asking is should I contact MS and tell them my shit was jacked? I ask because what the fuck do they even do during these "investigations". It sounds like it takes a month for them to reset your password and deal with a bank charge back while they accomplish FUCK ALL.
----------------
For the record:
-Fortunate, caught just as was occurring, no point loss or financial hit.
-Have not called Xbox Support yet.
-Have an EA account, BF3 and NFS: Hot Pursuit being the most recent.
-Passwords unique. Both with minimum of 70 bits of atrophy and are quite resilient.
-Gamertag age is 7 or so years old
-Nothing on resolution yet, as I haven't phoned.
I just get home from work and my friend asks why I've been on Xbox for half an hour but not responding to my messages.
I check, and lo, I can't log on.
So, I do what was mentioned in these threads, and immediately go to profile recovery. It says password incorrect. Luckily none of the security shit has been changed and I manage to change the password through the website's recover passwords feature and then I kick the offender off by doing a profile recovery.
I check billing.microsoft.com.
There has been no charges, and my existing point balance has not been touched.
I have a large profile, so I imagine I got super lucky and caught the guy as he was downloading that shit and booted him off.
Cycled password, redownloading my profile now.
That said, since none of the balances were effected and none of my information changed, what is my best course of action?
I will of course get my credit card removed from the service. I don't think that number has been compromised, has it? I would hate to do it again but I'd be willing to if I have to.
Basically what I'm asking is should I contact MS and tell them my shit was jacked? I ask because what the fuck do they even do during these "investigations". It sounds like it takes a month for them to reset your password and deal with a bank charge back while they accomplish FUCK ALL.
----------------
For the record:
-Fortunate, caught just as was occurring, no point loss or financial hit.
-Have not called Xbox Support yet.
-Have an EA account, BF3 and NFS: Hot Pursuit being the most recent.
-Passwords unique. Both with minimum of 70 bits of atrophy and are quite resilient.
-Gamertag age is 7 or so years old
-Nothing on resolution yet, as I haven't phoned.
AbsoluteZero
Banned
Scary stuff, I can't remember the last time I played an EA game but I guess I should see if I have a login with them anyway.
Edit: Looks like I do have an account, so I just reset my password for the hell of it. Looks like I've played something called "Battlefield Heroes" in the past along with my copy of The Sims 3 I own for my Mac.
No Xbox Live profiles are associated with the account, however.
Edit: Looks like I do have an account, so I just reset my password for the hell of it. Looks like I've played something called "Battlefield Heroes" in the past along with my copy of The Sims 3 I own for my Mac.
No Xbox Live profiles are associated with the account, however.
GarthVaderUK
Banned
Looks like this story might be being picked up by The Sun here in the UK - here's the front page of Tuesday's paper:
http://www.politicshome.com/uk/article/40110/the_sun_tuesday_22nd_november_2011.html
http://www.politicshome.com/uk/article/40110/the_sun_tuesday_22nd_november_2011.html