chubigans said:-The date it occurred
-Your "damages" (points spent, games played you don't own, etc.)
-Your current situation with MS (if your account is suspended, under investigation, etc.)
-If you have an EA account of any kind, or have played any EA games in the past few months
-If your password, to your knowledge, was a unique one between your EA and MS account.
-How old your Gamertag/Live account is, and
-Your compensation, and whether it's been resolved or not.
I caught the intrusion as it happened, and was able to sign into my Live ID and change all my details while the thief had my account on his Xbox draining my points on FIFA. He added an alternate email address to my account, so I removed that, changed my password, and my security question had also been changed to a Chinese character so I changed that as well.chubigans said:If you have been hacked, can you please check with MS to see if your secret question has similarly been changed to a foreign language as well?
Hmm, we might be on to something. OP has changed!Tomasooie said:and my security question had also been changed to a Chinese character so I changed that as well.
Rockman said:Interesting for those who have had their account hacked and country changed to Brazil. Microsoft's call center for Xbox support is located in Brazil. I hear they love soccer in Brazil for those who have had FIFA related content purchased. Inside job by unethical call center employees maybe?
Your profile information (name, address), XBox serial numbers (I'm pretty sure they can see which purchase was made with which xbox serial number), and the "secret question", which I promptly answered with "aw, cmon, nobody remember those things". Because I NEVER FUCKING DO.reggie said:When you call up to get your account back what information do they use to verify it's you?
Most? Maybe. I'm from Brazil, but my Xbox Live Account says I'm from the US.Zeppelin said:Am I right in assuming that most of you who've been hit live in the US?
They have call centers everywhere. I specifically asked where my support girl was from (because my spoken english is kinda messed up, and she was pleasant to talk too), and she was from the US.Rockman said:Interesting for those who have had their account hacked and country changed to Brazil. Microsoft's call center for Xbox support is located in Brazil. I hear they love soccer in Brazil for those who have had FIFA related content purchased. Inside job by unethical call center employees maybe?
reggie said:When you call up to get your account back what information do they use to verify it's you?
chubigans said:If your Xbox Live account has been hacked, please post the following info:
-The date it occurred
-Your "damages" (points spent, games played you don't own, etc.)
-Your current situation with MS (if your account is suspended, under investigation, etc-How old your Gamertag/Live account is, and
-Your compensation, and whether it's been resolved or not.
NEW: -If your security question was changed, and if so, whether the new answer has Chinese characters.
It's not getting anywhere really. Some had unique passwords, some didn't, almost everyone had an EA account at one point, so what's the use in asking that anymore when we have more interesting developments like chinese characters in secret answers and such.Speedymanic said:Erm, why have the EA questions been struck through? Bad decision not to follow up on that line of inquiry and implies bias.
chubigans said:It's not getting anywhere really. Some had unique passwords, some didn't, almost everyone had an EA account at one point, so what's the use in asking that anymore when we have more interesting developments like chinese characters in secret answers and such.
Garcia el Gringo said:I'm officially at week two since I was hacked and made my first call. And my account has been suspended for nine business days.
So I just called support seconds ago to try to get a free month of Gold for an alternative account. I got over my hang-up of playing 360 games on an account that wasn't my main, I'll play games on a different account for a few weeks so I could join my friends on all the big games I was planing on playing. The lady I talked to informed me that my security question was now in Japanese. The 4 people I talked to the past 2 weeks did not mention that. Thank goodness for this lady. I was eventually planning on asking, but she brought it up on her own.
Unfortunately, since I have no credit card on the account and now that my security question has been violated they can't confirm that I am really who I say I am over the phone. They can't give me the complementary month of Gold in advance that some others were getting. I guess they'll know I'm me by checking the IP address during the investigation or something. That sucks a lot, but at least I know about the security question now.
Psychotext said:I was under the impression that's what they use the 360 serial number information for.
They always ask for my address and phone number, but nothing like date of birth or how long I've owned the account. She said they needed the last 4 digits of a credit card # or the answer to my security question to verify who I am over the phone. And that that was why I couldn't get the free month of Gold for an alternate account. I'm just reporting what that one support lady said. She was very apologetic about it all and said that the lack of info wouldn't impact my investigation.Speedymanic said:That doesn't sound likely. Surely they can verify who you are buy asking you confirm some old purchases, your DoB, the address you used to register the account, how long you've had the account, etc, etc.
Garcia el Gringo said:They always ask for my address and phone number, but nothing like date of birth or how long I've owned the account. She said they needed the last 4 digits of a credit card # or the answer to my security question to verify who I am over the phone. And that that was why I couldn't get the free month of Gold for an alternate account. I just reporting what that one support lady said. She was very apologetic about it all and said that the lack of info wouldn't impact my investigation.
That said, I find support to be very inconsistent. It's mind-boggling to me that she was the first support person to mention that my security question wasn't in English. So who knows? But I think I'm done calling support now, unless my investigation goes well over 25 business days.
Harry Potter said:Ugh. Account still frozen and there are 5 games I want to buy this month. fmlI know, first world problems
SourceSo let me just say that the reason it takes so long is because the problem is so widespread. Were having to deal with so many cases thats just how long it takes for each individual case. The new dashboard upgrade that Im sure you know about will partly help us deal with that. But for now, theres nothing I can do about it.
I got an email from bioware/EA about changing my passwords today. It came dressed as an old republic email.Lyphen said:EA will also be doing a password reset some time this month for all accounts create before October 21st.
Are you sure about that? It would be very easy for them to check on which machines the gamertag is normally used.Speedymanic said:Only if you've registered the console, might be mistaken though.
That's pretty big. Hopefully it means that they will add another security layer in the new dashboard update.Palette Swap said:Sorry if this is a slight derail, I haven't lost my account, but there's an entry on Quarter to Three about Tom Chick's experience with a customer rep and there are interesting confirmations in there:
Source
If its so wide spread at least update Xbox.com so we can remove our credit card info.AndyMoogle said:That's pretty big. Hopefully it means that they will add another security layer in the new dashboard update.
That will never happen.big_z said:If its so wide spread at least update Xbox.com so we can remove our credit card info.
Lyphen said:EA will also be doing a password reset some time this month for all accounts create before October 21st.
Psychotext said:Are you sure about that? It would be very easy for them to check on which machines the gamertag is normally used.
They asked for it from my missus and she's never registered anything with them (I registered both of our consoles on my account).
Greetings *Username*,
BioWare takes security very seriously. As we ramp up to the launch of Star Wars: The Old Republic, we are implementing additional security controls to maintain the safety of your account and personal information. One of these security measures includes ensuring all passwords meet best practices around password strength. As a result, all accounts created on or before October 21st, 2011 must reset their password to meet the new security standards. Just like for any other user account you have, changing your Star Wars: The Old Republic password on a regular basis is one of the simple measures you can take to protect your personal information.
Your Star Wars: The Old Republic account credentials are linked to EA.com and Origin.com, so your new password will be applied across all three websites.
We will implement the reset within the next few weeks, so look for a reminder email from us. For more information about this, head over to our Forums or read our News Article.
May the Force be with you, The Star Wars : The Old Republic Team
chubigans said:It's not getting anywhere really. Some had unique passwords, some didn't, almost everyone had an EA account at one point, so what's the use in asking that anymore when we have more interesting developments like chinese characters in secret answers and such.
Santini said:Thankfully haven't been hacked, but after reading all the horror stories in this thread I wanted to take some steps to avoid waking up to someone having FIFA'd my account.
There was an old thread about credit card removal on XBL that pointed to a really useful Reddit article.
That article described how to not only turn off auto-renew but later in the discussion how to also completely remove your credit card from your XBL account (apart from MS keeping it in their own records for historical purposes).
I can confirm that the methods described still work. Auto-renew is turned off for my XBL account, and my CC has also been removed. It's pre-paid cards and codes for me from now on.
I know this won't help those of you who've already been hacked, but for those who haven't--and don't want to spend a better part of their day talking to a MS rep--maybe this will help.
tl;dr - the links above tells you how to turn off auto-renew and remove your CC from your Xbox Live account.