-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
Wow was my Windows live/ Xbox account just hacked?
- Thread starter Teknoman
- Start date
intheinbetween
Member
gamerecks said:
or just someone who bought an 6000/10000mspoints account on tradetang.com, I mean someone who paid barely 15$ for a 10000mspoints account to a "hacker".
I don't know what can MS can do to the person that bought that.
DownLikeBCPowder
Member
This actually happened to me last month. On the 20th or so, I was actually on the XBX (well, a friend was playing a game) and I was watching him play. Suddenly my phone vibrates that I've just purcahsed 10,000 MS points. I get him to halt and check my balance - sure enough there it is. I jump on the computer and change my password to the account as well as the associated e-Mail and reported it to the CC and MS, which somehow takes "21 days" to investigate so I can't use my account during this time. They sent me a month of gold as an "apology" for the length of time, but I suppose I honestly don't mind, playing Xenoblade and too much going on in life.
But I am wondering where the data leak came from, rather if I used that combo elsewhere.
But I am wondering where the data leak came from, rather if I used that combo elsewhere.
equil said:
Seriously. Really deserves attention given how widespread it is becoming. Especially disconcerting after the PSN fiasco months ago. MS deserves a kick in the ass for this happening so soon in the wake of that.
Even worse given this involves 'ACTUAL FUCKING THEFT!' (Actually I have no idea if the PSN thing led to many reports of fraudulent charges, don't recall reading many stories of it happening)
No charges on my PSN account from that hack attack causing PSN to shut down.
Anyway, got my new credit card...but even after activating and checking my recent activity, the 3 MS points charges are still listed. Guess i'm going to have to call a third time to see whats up with that...and thats after being told twice that it would be taken care of. Thinking about calling up MS tomorrow as well.
Anyway, got my new credit card...but even after activating and checking my recent activity, the 3 MS points charges are still listed. Guess i'm going to have to call a third time to see whats up with that...and thats after being told twice that it would be taken care of. Thinking about calling up MS tomorrow as well.
Called my bank today and they are sending me a new CC and closing down my current card. Investigating the charges and am told they should be credited back into my account within the next few days.
Now its MS' turn to get my Gamertag account back up and running. This is the issue I am most fearful of getting resolved. I feel like I have -zero confidence- in the department based on my phone conversation when I reported this issue. My bank however was immensely supportive.
Now its MS' turn to get my Gamertag account back up and running. This is the issue I am most fearful of getting resolved. I feel like I have -zero confidence- in the department based on my phone conversation when I reported this issue. My bank however was immensely supportive.
Just keep calling them back every few days. I just called back today, and apparently the investigation just officially started yesterday. The rep said it would take up to 21 business days for them to complete the process, and I should have received an email stating this + a 1 month free XBL gold code. Of course, the spot where the code was supposed to be in the email was blank, so I guess i'll have to call back later today for that.
I guess by other windows live ID services being locked, they mean Xbox live, Games for Windows live, and Zune, not the actual hotmail service.
My credit card company however, says the charges disputed are still under investigation, so they'll probably remain on the statement until that finishes.
I guess by other windows live ID services being locked, they mean Xbox live, Games for Windows live, and Zune, not the actual hotmail service.
My credit card company however, says the charges disputed are still under investigation, so they'll probably remain on the statement until that finishes.
DownLikeBCPowder
Member
Yeah, it took at least a week and a half from the report, if not two, for my e-Mail to even arrive.Teknoman said:
My card company, though, immediately rescinded the charges when I reported them as potentially fraudulent, so at least I don't have to concern myself with it. Though Toys N Joys just this last month billed me for an order I made, a 300 dollar order, and they never shipped it. I called, ask for refund, nothing.. So many problems lately.
LAUGHTREY
Modesty becomes a woman
I got my tag back, it was a little touch and go there for a second since they sent me a reset email but the gamertag was still tied to the douchebags account, he couldve requested a reset email at any time so make sure when you guys get yours back you change it to a new windows live id just in case. It's a pain in the ass but at least you know its new and secure. Use an email that you won't use anywhere else so you know that it's safe and secure.
They said it'll take a while to get my money refunded still, and the dbag used the content license transfer so I have to call again and get that done. Important part though is I got my tag back.
They said it'll take a while to get my money refunded still, and the dbag used the content license transfer so I have to call again and get that done. Important part though is I got my tag back.
Just saw this posted on Twitter, apparently it's new
http://www.xbox.com/en-US/Live/Account-Security
In response to these type of hacks?
http://www.xbox.com/en-US/Live/Account-Security
In response to these type of hacks?
Brandon F said:
Same here, just refunded the charges, now its a matter of time. Of course I need my stuff up before Gears 3/ before that so I can get back into SF3.
EDIT: Never knew about XBL passcodes.
Doesnt cover what to do if MS themselves had a security breach. Anyway, If I call to disable auto-renew, I should be able to remove my old credit card right?
Important - You cant remove a credit card that is associated with an active Xbox LIVE membership. If you try to remove the credit card associated with an active Xbox LIVE membership, you will be prompted to add a new payment option for your membership.
If you dont want to add another payment method, call Xbox Support for help removing your payment method. When you call, please have your gamertag and payment information available.
If I remove the card and cancel auto-renew during the call, they shouldnt cancel my XBL Gold status right?
DownLikeBCPowder
Member
Teknoman said:
Even I wasn't able to remove all my cards from Live.. In the end, I had to use an expiring card as my primary to remove the other ones.
MesserWolf said:
This comic, as with most things form XKCD, is wrong.
Password crackers do NOT blindly traipse through the search space, they use dictionaries, chaining combinations, substitutions, etc. in an intelligent fashion that tries to mimic how humans tend to use passwords.
A password consisting of 4 dictionary words would be cracked astronomically faster than a password that's actually complex. The only benefit his suggestion provides is that most cracking programs won't be configured to try passwords past a certain length by default.
Using any dictionary word, modified or not, is a big fat no-no when it comes to passwords you give a shit about. Tr0ub4dor&3 is not a great password, but correcthorsebatterystaple is a very shitty password. Yh2~8!j: is a good password.
10011101001
Neo Member
Just happened to me. Its the same story as everybody else, person purchased 4k then 6k points. The funny thing is that the only reason this account still exists is for a Zune Pass, I haven't paid for Live in several years.
SneakyStephan
Banned
So is this some trojan link going around on gaf or something?
I don't have xbox live gold, don't have a cc linked to my live account, but I got logged off msn at like 5.30 am this morning with the message that it was being logged onto from somewhere else.
It hasn't happened again though, even there is no cc info to steal or shit to buy i'd rather not have someone else have access to my email account...
I have my hotmail inbox bookmarked and never log into live on any other site so I don't even know how they'd get my password (if this wasn't some random error).
'only' been keylogged twice in like 10++ years, both times from WCM with a trojan in one of their banners (apparently it was enough to just open the webpage through a security flaw in the browser, didn't even have to click it), I use noscript now and haven't played wow in ages nor been to that site in 2 years<.<
I don't have xbox live gold, don't have a cc linked to my live account, but I got logged off msn at like 5.30 am this morning with the message that it was being logged onto from somewhere else.
It hasn't happened again though, even there is no cc info to steal or shit to buy i'd rather not have someone else have access to my email account...
I have my hotmail inbox bookmarked and never log into live on any other site so I don't even know how they'd get my password (if this wasn't some random error).
'only' been keylogged twice in like 10++ years, both times from WCM with a trojan in one of their banners (apparently it was enough to just open the webpage through a security flaw in the browser, didn't even have to click it), I use noscript now and haven't played wow in ages nor been to that site in 2 years<.<
I didn't see this thread till just now.
But my account was hacked or something also on the 29th of last month. I was watching TV when I get an email from MS thanking me for buying 6k point followed by another email about 4k points.
Called my bank and killed the card then MS about it and they were actually nice on the phone. Refunded half of the buys but still haven't done the 2nd half. They said I would be locked out of all my MS accounts while they investigate which could take 'about 20 days'. Last night I logged onto my Xbox account on the PC and it shows this under my purchase history for 8-29-11
Gold Premium Pack Game Consumable 8/29/2011 Add to Queue
Street Fighter III: Online Edition Arcade Game 8/29/2011 Add to Queue
31,500 Coins Game Consumable 8/29/2011 Add to Queue
Legendary Pack Game Consumable 8/29/2011 Add to Queue
Silver Pack Game Consumable 8/29/2011 Add to Queue
Gold Pack Game Consumable 8/29/2011 Add to Queue
6,000 Coins
I haven't logged onto it with my Xbox since I called them last month. But the web site shows my account was last used on 9-1-11. And the bastard played Madden 12 and got a few achievements. That also annoys me since I don't have madden and didn't want that on my score.
Another thing that annoyed me was if they locked out my accounts on the 29 how was the thief playing 2 days later?
One thing I don't like though is I never bought anything on my XBox account. I didn't think I had my card linked to it but apparently when I bought a few PC games from Live for Windows they put my card on that account.
But my account was hacked or something also on the 29th of last month. I was watching TV when I get an email from MS thanking me for buying 6k point followed by another email about 4k points.
Called my bank and killed the card then MS about it and they were actually nice on the phone. Refunded half of the buys but still haven't done the 2nd half. They said I would be locked out of all my MS accounts while they investigate which could take 'about 20 days'. Last night I logged onto my Xbox account on the PC and it shows this under my purchase history for 8-29-11
Gold Premium Pack Game Consumable 8/29/2011 Add to Queue
Street Fighter III: Online Edition Arcade Game 8/29/2011 Add to Queue
31,500 Coins Game Consumable 8/29/2011 Add to Queue
Legendary Pack Game Consumable 8/29/2011 Add to Queue
Silver Pack Game Consumable 8/29/2011 Add to Queue
Gold Pack Game Consumable 8/29/2011 Add to Queue
6,000 Coins
I haven't logged onto it with my Xbox since I called them last month. But the web site shows my account was last used on 9-1-11. And the bastard played Madden 12 and got a few achievements. That also annoys me since I don't have madden and didn't want that on my score.
Another thing that annoyed me was if they locked out my accounts on the 29 how was the thief playing 2 days later?
One thing I don't like though is I never bought anything on my XBox account. I didn't think I had my card linked to it but apparently when I bought a few PC games from Live for Windows they put my card on that account.
Update: So today I get an email from MS telling me to reset my Windows Live password and then recover my gamertag on my Xbox. When I reset my pw, I got a screen saying my account was locked. Tried recovering my gamertag and got a message saying Xbox Live sign in wasn't available, try again later. When I called support, the rep said that it may be because the system is "lagging". If I can't recover my GT at some point tonight, I'll give them another call. What a pain in the ass. The email said they would refund the whole amount, but that hasn't happened yet. They have sent me 3 different 1 month codes though. :/
test_account
XP-39C²
I wonder if the recent Xbox Live downtime has anything to do with this.
sneakypete
Member
akira28 said:
Malware detected on this site.. Avira started scanning and then crashed.. what the fuck?
So i just went to log onto my xbox after being on vacation for a week, and I get a message that
"My membership infomration isn't valid. Please use a profile that contains a valid membership or recover your profile from Xbox LIVE."
Tried to sign in with my Windows Live Account and nothing. My email address is not valid.
I called MS, and my gamertag, Blink, is no longer associated with my name, address, phone number, or credit card information, but to someone else. To top it all off, they have no record of my name, phone number, or credit card information at all in their system.
I told the rep. that I have had to file numerous complaints lately about people contacting me trying to buy my gamertag and how they send harrassing emails back to me if I ignore them or simply say 'no', and she says well that activity will get your xbox banned.
Now they are telling me that it will take up to 25 days of my account being frozen to try to figure out what happened, and i was not even guaranteed a resolution!!!
I asked to speak to a supervisor who told me that there is no one else I can speak to, he doesn't have a supervisor I can speak with, and that I will get an email when the investigation is complete. They will not tell me when or how it happened, either. MS has just shown me that they pretty much doesn't give a fuck about their customers.
Who knows what information the person that did this got... They managed to erase me from the Xbox Live database completely!
How can this even happen without me knowing?
I wish there was a way to create a new thread about this.. damn Jr status
We need to make people aware that this is happening! This is worse than the Sony fiasco!
Be careful, everyone!!!
"My membership infomration isn't valid. Please use a profile that contains a valid membership or recover your profile from Xbox LIVE."
Tried to sign in with my Windows Live Account and nothing. My email address is not valid.
I called MS, and my gamertag, Blink, is no longer associated with my name, address, phone number, or credit card information, but to someone else. To top it all off, they have no record of my name, phone number, or credit card information at all in their system.
I told the rep. that I have had to file numerous complaints lately about people contacting me trying to buy my gamertag and how they send harrassing emails back to me if I ignore them or simply say 'no', and she says well that activity will get your xbox banned.
Now they are telling me that it will take up to 25 days of my account being frozen to try to figure out what happened, and i was not even guaranteed a resolution!!!
I asked to speak to a supervisor who told me that there is no one else I can speak to, he doesn't have a supervisor I can speak with, and that I will get an email when the investigation is complete. They will not tell me when or how it happened, either. MS has just shown me that they pretty much doesn't give a fuck about their customers.
Who knows what information the person that did this got... They managed to erase me from the Xbox Live database completely!
How can this even happen without me knowing?
I wish there was a way to create a new thread about this.. damn Jr status
We need to make people aware that this is happening! This is worse than the Sony fiasco!
Be careful, everyone!!!
This happened to me on tuesday. Same story as everyone, 4000 points then 6000 points. Luckily I caught it within about 5 minutes of it happening. Changed my password and called MS support. My account is to be closed for 72 hours and the money refunded. About 6 hours from now should be 72 hours, and only one of the two charges has been refunded so far. We'll see how this goes.
Or zune. Thats where my info came from, since I pretty much have to in order to purchase apps for my phone.
Thoraxes said:
Or zune. Thats where my info came from, since I pretty much have to in order to purchase apps for my phone.
Shed_a_Ninja
Banned
Has it been confirmed to be phishing and/or keylogging trojans?
Or is Xbox Live slowly being hacked away at? Because my Xbox Live gamertag has been inactive since December 2010 (last game I played was Shadowrun).
If my tag gets stolen by some random schmuck due to Microsoft's reluctance to address the issue, I'll know that my decision to focus on other gaming platforms was the right choice.
Or is Xbox Live slowly being hacked away at? Because my Xbox Live gamertag has been inactive since December 2010 (last game I played was Shadowrun).
If my tag gets stolen by some random schmuck due to Microsoft's reluctance to address the issue, I'll know that my decision to focus on other gaming platforms was the right choice.
Seraphinianus
Banned
Shed_a_Ninja said:
I think they're brute forcing easy passwords. There's nothing you can do to address that except remind people to set good passwords, which companies have been doing since the beginning of the internet and which people have ignored since the beginning of the internet.
anyone with a really strong (at least 8 characters with letters not spelling common words, non-sequential numbers, and symbols) password get hacked?
Shed_a_Ninja
Banned
Smision said:
"Brute forcing passwords" is bullshit. If that's the case, ANY account, ANYWHERE, could be "brute-forced".
It's either keylogging trojans from Xbox/video game-based websites, or jtaggers/whateverthefucktheyarecalled "brute-forcing" Microsoft's servers.
ShallNoiseUpon
Member
Smision said:
8+ character, non-dictionary, alphanumeric with symbols here.
The_Inquisitor
Member
My number was stolen last week. This could be conjecture, but it occured after my card had been billed for xbox live after the assholes billed me for a month i didn't want.
Anyways, my bank cancelled my card already so they don't have shit. I strongly recommend that everyone just uses cards.
Anyways, my bank cancelled my card already so they don't have shit. I strongly recommend that everyone just uses cards.
Ace Harding
Member
Jeez - I had no idea this was going on. This many people just on GAF is kind of alarming.
Did a google search for xbox account hack and all I see are videos and message board posts showing people how to hack accounts and gamerscore. Gross.
Did a google search for xbox account hack and all I see are videos and message board posts showing people how to hack accounts and gamerscore. Gross.
Shed_a_Ninja
Banned
Zerokku said:
You can't use Microsoft points cards for Windows Phone apps/games?
Sorry for the double post, but god...
Fucking dumbass incompetent xbox support. I logged into my account on xbox.com, to see that not only was I still suspended (Was only supposed to be 72 hours) but that 4000 points were still on my account. Called them up to see what the hell was up. Apparently the idiot who helped me on Tuesday not only escalated the return for for only one of the transactions, but entered in my phone number wrong. Apparently they had already tried to call me and obviously were not able to. Basically if I hadn't called in to complain, my live account and the ~$50 waiting to be refunded would have been sitting in essentially limbo. As it stands I get to wait another 24 hours for them to fix their own stupidity.
I fucking swear...
Fucking dumbass incompetent xbox support. I logged into my account on xbox.com, to see that not only was I still suspended (Was only supposed to be 72 hours) but that 4000 points were still on my account. Called them up to see what the hell was up. Apparently the idiot who helped me on Tuesday not only escalated the return for for only one of the transactions, but entered in my phone number wrong. Apparently they had already tried to call me and obviously were not able to. Basically if I hadn't called in to complain, my live account and the ~$50 waiting to be refunded would have been sitting in essentially limbo. As it stands I get to wait another 24 hours for them to fix their own stupidity.
I fucking swear...
Did they remove the bill charges but not refund you your money, or just not do either? They refunded my $5 like right away, and told me that the other $70 would come later. I called earlier this week and they said probably by the end I would have the rest back.Zerokku said:
Also as of then, nothing showed up under my billing account on that MS site, and nothing elsewhere I think. They only removed the $5 from the XBL site, but the other two show up in my purchase history still.
Thoraxes said:
Nothing. Apparently the guy only had one of the transactions refunded, and didn't touch the other. I've had the money from the first 6000 points refunded for a couple days now. Simply nothing happened at all with the other. Hence why the 4000 points were still sitting on my account.