Diablohead
Member
Anything with a single password is shit protection in 2011.equil said:
Microsoft need to do something about it, so much stuff you can own on live = expensive to replace if ever lost.
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
Wow was my Windows live/ Xbox account just hacked?
- Thread starter Teknoman
- Start date
Microsoft need to do something about it, so much stuff you can own on live = expensive to replace if ever lost.
gregor7777
Banned
I got charged $150, two point cards. Promptly they several purchased games like Rift and Dawn of War, then switched the account location setting to Russia.
Xbox live support said they'll look in to it. Just got it refunded by my bank. This happened Monday morning.
Xbox live support said they'll look in to it. Just got it refunded by my bank. This happened Monday morning.
Xbox Support never called this afternoon, so I called them since its been nearly 2 hours since they were supposed to call. No update other than that they currently have a lot of callbacks to issue currently.
If I don't get called by the end of the day, I'm calling first thing tomorrow morning, and I will take it straight to a supervisor.
If I don't get called by the end of the day, I'm calling first thing tomorrow morning, and I will take it straight to a supervisor.
I have had it up to here with Xbox Support. Made my 4th call today, and my claim is just now getting filed as "unauthorized access". Which means I have to wait 25 days (From now, not from Tuesday when it should have been in the fucking first place) before the issue will be resolved and my money refunded. Not only that but my account gets frozen again. For all 25 days. The kicker? That means I cant access things properly on my phone, I cant even update apps. "Use a different Live ID" is their solution, which means I wouldn't be able to access the apps I have legitimately bought. Probably gonna get rid of my Windows Phone after the incompetence so far. Absolutely inexcusable that I cant even use my phone properly for a month.
Fuck. You. Microsoft.
Fuck. You. Microsoft.
I called for an update today and was told that my first claim was filed wrong and closed by investigations team bc it was incomplete (they didn't link the complaint to my gamertag... Seriously??)Zerokku said:
So... They opened a new one today and I will now wait 28 days because the investigations team is "inundated with complaints and are very behind."
To top it all off, they can't block my acct from being used because the thief changed all info associated with it to gibberish (ie name - yhigjvf) so they can't access the account and shut it off supposedly.
Now I'm watching the punk play dead island with my gamertag.
I had my account hacked yesterday as well. Luckily I called Microsoft roughly two hours after the hacker made the transaction so the account hadn't transferred to China yet. I was able to reset my password and lock down my account, avoiding a UA complaint. Right now I just need to wait 5 days until Microsoft refunds my account. I'm still going to the bank tomorrow to put a stop to it.
Sadly approaching the 22 day mark I was quoted now to fix my account. Gears 3 is next week and I doubt I will be back online to enjoy it.
My bank fixed the fraud charges weeks ago, I have YET to hear anything from MS on their end. No e-mails, no calls, no updates. I checked in with them myself last week(halfway period I was quoted) and was told no status change from the initial report.
Why the fuck isn't anyone in this industry jumping on the story?
Sony received deep shit for what amounted to the conglomerate being fucked(and barely any actual consumers), but across every gaming forum I frequent lately the same thread exists with the same problem of real theft.
MS will never release actual data about how many accounts are fucked now, but I imagine its shocking. Nearly a month to fix an account on their own service???
My bank fixed the fraud charges weeks ago, I have YET to hear anything from MS on their end. No e-mails, no calls, no updates. I checked in with them myself last week(halfway period I was quoted) and was told no status change from the initial report.
Why the fuck isn't anyone in this industry jumping on the story?
Sony received deep shit for what amounted to the conglomerate being fucked(and barely any actual consumers), but across every gaming forum I frequent lately the same thread exists with the same problem of real theft.
MS will never release actual data about how many accounts are fucked now, but I imagine its shocking. Nearly a month to fix an account on their own service???
I got hit tonight. 2 purchases one for 6,000 points and one for 4,000 points.
Thats $133 bucks. MS told me any where from 22 to 40 days of waiting with no account. So there goes alot of games I wanted to play .
Guess I will just save the money. Tommorow I have to head to the bank to get the charges reversed. Gears , dead island and a few others
Thats $133 bucks. MS told me any where from 22 to 40 days of waiting with no account. So there goes alot of games I wanted to play .
Guess I will just save the money. Tommorow I have to head to the bank to get the charges reversed. Gears , dead island and a few others
This happened to me a few days ago. I'm currently deployed to the middle east so no xbox access anyway. Received an email thanking me for two xblive point purchases (1500 & 5000) and was like wtf. Called my wife and she tried to log into my account on the xbox, lo and behold it was locked/banned/something. She called and they said that it takes five weeks to investigate and return the account to me, but that they will refund the charges immediately. The rep said that here has been a huge rash of these hackings lately.
reggie said:
The first customer rep I talked to said it was jtagged xboxes from Eastern Europe. He told me he gets 2 or 3 calls a day with the same thing: 4000 pts. and 6000 pts.
Update 2: So my Win Live account is still blocked. I've called MS a third time, was on the phone for an hour with a third rep and his "coach". They could not help. My account doesnt show as being blocked to them, but I still can't log in. So they elevated my case to a specialist who was supposed to call me "within 48 hrs." Never got a call. Now that 48 hrs over lapped with Saturday, so maybe specialists are off on weekends.
Still haven't been refunded my money.
Yea, I couldn't imagine how it happened to me either. My anti-virus/phishing is always on, and I'm not an idiot that would click on obscure scam sites/e-mails.
There is definitely something fishy going on with MS' end. The amount of reports is progressively building the past couple months and there has to be some leak of sorts getting these hackers through.
There is definitely something fishy going on with MS' end. The amount of reports is progressively building the past couple months and there has to be some leak of sorts getting these hackers through.
ArrrrghX said:
Yea, there is a serious story here that should be surfaced. MS won't ever reveal anything about this unless PR is forced against a wall(ala Sony's debacle, which no one had to dig for that story, it was delivered to everyone via PSN going down).
Right now it's silent, and meanwhile actual theft is happening on MS' watch, to the point they are too backed up to support their customer base at no less than a month for each case.
Sadly, even if someone were in a position to actually investigate, MS likely wouldn't cooperate. But having the story out there in the wake of the Sony fiasco might just be enough to get MS to be a bit more supportive to victims. At least enough to get the broader public informed.
But yea, gaming journalism. Neogaf 'is' gaming journalism...
chewydogg said:
What did he mean with "jtagged xboxes from Eastern Europe"? Is there some kind of exploit you can use with one of those to log on to someone's account without a password or are they maybe used to brute force the passwords?
Edit: Also, have anyone of you guys had the same email/password on some other site that recently got hacked?
Got hit by the exact same thing last week. 3x6000 point purchases, and then my subscription was transferred to Russia.
I caught on to this about an hour later, when I found 4 emails from MICROSOFT *XBOX LIVE sitting in my email. JUST before this happened, I received another email from Windows Live Team:
Am I right to suspect they did not have my password, and broke in through some security loophole?
I caught on to this about an hour later, when I found 4 emails from MICROSOFT *XBOX LIVE sitting in my email. JUST before this happened, I received another email from Windows Live Team:
Am I right to suspect they did not have my password, and broke in through some security loophole?
Diseased Yak
Gold Member
This is scary shit, double scary since I have a Windows Phone
I'm shocked as well that no media outlets have gotten a hold of this. Don't most of them scour GAF for any tidbit of rumor to plaster on their sites? Odd that no one is shouting this from the virtual rooftops...
I'm shocked as well that no media outlets have gotten a hold of this. Don't most of them scour GAF for any tidbit of rumor to plaster on their sites? Odd that no one is shouting this from the virtual rooftops...
Mattdaddy
Gold Member
Yep same thing happened to me last week. I was sitting at work when all of a sudden my email got lit up with XBOX MICROSOFT emails. They purchased almost $200 dollars worth of points. I called xbox live support immediately and they froze it before they could use the points. They had changed my password and put in a new email with some hotmail account. Scumbags. Lucky I caught it quickly, still had to contact the bank about my card though. It was a total pain the ass. I thought I was just unlucky, I didn't know this was a widespread thing happening lately.
Seraphinianus
Banned
there are sites where you can buy tons of these accounts. one i'm looking at has 515 sellers come up for "xbox points", all with lots of different accounts each :\ (not gonna post the link)
if this isn't just tons of people getting brute forced, then yeah, something smells and it's probably the Hryb
if this isn't just tons of people getting brute forced, then yeah, something smells and it's probably the Hryb
VeryGooster
Banned
This happened to my friend late last month, exactly as this image from another thread about this indicates:
A bunch of FIFA '11 crap. She filed a dispute with the bank so she's since been refunded but Microsoft took the amount of points she legitimately had in addition to all the purchases made during his hack.
She was actually able to watch the points deplete on the Xbox site after MS told her they had put her account on hold. She'd been waiting for the 21+ days with no real response and she called them up just now and told her nothing except that they had found some violation in her account, would not specify what the violation was, and simply told her to read the TOS.
Unreal.
A bunch of FIFA '11 crap. She filed a dispute with the bank so she's since been refunded but Microsoft took the amount of points she legitimately had in addition to all the purchases made during his hack.
She was actually able to watch the points deplete on the Xbox site after MS told her they had put her account on hold. She'd been waiting for the 21+ days with no real response and she called them up just now and told her nothing except that they had found some violation in her account, would not specify what the violation was, and simply told her to read the TOS.
Unreal.
Diseased Yak said:This is scary shit, double scary since I have a Windows Phone
I'm shocked as well that no media outlets have gotten a hold of this. Don't most of them scour GAF for any tidbit of rumor to plaster on their sites? Odd that no one is shouting this from the virtual rooftops...
Seriously. C'mon Kotaku get in on this! The comments section alone would probably provide alot of evidence. Thinking about calling back today since: They originally quoted me 15 days for the investigation and...Gears officially releases today.
Perhaps having a windows phone (and threatening to have them lose me as a customer in regards to it) helped. Got my email today saying my investigation was complete and giving me the usual instructions to recover my account yada yada and 2 months of Live as compensation. Still dont have access to it yet, but after a quick call to support I apparently should have access to everything properly again within 24-48 hours.
The Support Rep was dumbfounded about the investigation. He stepped away for a couple minutes to double check, as he had never seen an investigation completed so quickly. Heh.
The Support Rep was dumbfounded about the investigation. He stepped away for a couple minutes to double check, as he had never seen an investigation completed so quickly. Heh.
Great. Apparently "I was told wrong" and that its going to take at least 25 days or more. So going from August 30th when it started, it'll either be the end of September or 4-5 days afterwards according to the rep. Claimed its taking this long since they want to recover the account as well as catch the individuals responsible, and prevent something like this from happening again. So not 15 days or 21 days, but 25+.
Live support was also getting inundated with calls (probably because of Gears 3), so they even had a special message set at the front for those with suspended accounts.
Live support was also getting inundated with calls (probably because of Gears 3), so they even had a special message set at the front for those with suspended accounts.
DownLikeBCPowder
Member
Finally got my account back in working order. They ended up giving me three months worth of credits (didn't ask for any). Everything seems ok, they refunded the 125 USD, though Chase had already rescinded the charge for me. Changed password to something more complex, though pretty sure this was a leak somewhere of a database, not necessarily in Live..
Good luck everyone.
Also, the entire process took a bit over three weeks, almost four.
Good luck everyone.
Also, the entire process took a bit over three weeks, almost four.
DownLikeBCPowder
Member
Not quite sure to be honest. The transgression happened around the 20-25th. I called immediately when it happened, but I followed up the call about six days later and it didn't seem like they had started the investigation until then for some reason.. So somewhere in that time frame of Aug 20-Sept 1.Teknoman said:
This happened to me a couple of weeks ago. The whole process was really annoying -- especially since I called to remove my CC info a while ago, and apparently that didn't happen.
My advice, sadly is to sit and ride it out. I called numerous times because different reps kept on telling me different stuff, but once I finally got the straight talk -- it was 21 days on the dot from then. Call, change your password, get a new CC and just wait. They know it's not weak passwords/phishing that is causing these problems. I am able to see exactly how they are doing it too.
Overall this experience has soured me on MS and their security measures. I'll be using points cards if I buy from them, and don't plan on keeping gold after my pre-paid time expires. Funny thing is my windows live on my computer is still locked down, and the only advice they could give me was "we can port your shit to a new e-mail address." No thanks, not worth it for me. That e-mail is something I use everyday, secure via 2 step authentication. I would have never caught the theft if I hadn't received an automatic notification from an e-mail I use every day.
Whomever the hacker was had decent taste in Live Games -- was downloading Trenched, , From Dust, Bastion and Clash of Heroes before I cut him off. Hopefully none of the downloads completed for him.
My advice, sadly is to sit and ride it out. I called numerous times because different reps kept on telling me different stuff, but once I finally got the straight talk -- it was 21 days on the dot from then. Call, change your password, get a new CC and just wait. They know it's not weak passwords/phishing that is causing these problems. I am able to see exactly how they are doing it too.
Overall this experience has soured me on MS and their security measures. I'll be using points cards if I buy from them, and don't plan on keeping gold after my pre-paid time expires. Funny thing is my windows live on my computer is still locked down, and the only advice they could give me was "we can port your shit to a new e-mail address." No thanks, not worth it for me. That e-mail is something I use everyday, secure via 2 step authentication. I would have never caught the theft if I hadn't received an automatic notification from an e-mail I use every day.
Whomever the hacker was had decent taste in Live Games -- was downloading Trenched, , From Dust, Bastion and Clash of Heroes before I cut him off. Hopefully none of the downloads completed for him.
Miletius said:
Yeah, the rep from last Tuesday claimed to have removed my old card, even gave me a confirmation number. Of course its still not removed. Once all this is sorted out, I have a feeling im going to have to bug them every day to remove auto-renew and my old card.
Zerokku said:
That might be why your investigation was finished fast then.
Ok this is weird. Did a search on google about live accounts getting hacked and I saw a thread at xbox forums. Couldn't get in (I use my msn account always have) to the thread. Now new search on google and its gone?
Am I bugging out here?
Edit: Okay I see the link after changing the search parameters but clicking it gives a slow load and then then the page says the group is closed.
Am I bugging out here?
Edit: Okay I see the link after changing the search parameters but clicking it gives a slow load and then then the page says the group is closed.
TheChewyWaffles
Member
Really scary thread. Wow.