pharmboy044
Member
I got four words for you regarding Microsoft and lying - RED RING OF DEATH.
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
3 months of back and forth with MS after XBL account hack and lose everything
- Thread starter dallow_bg
- Start date
I got four words for you regarding Microsoft and lying - RED RING OF DEATH.
How exactly would someone log in to someone elses PSN account from a different console and be able to charge stuff to the card on file? I thought that PSN made you retype the CC# or security code if you log in from a new PS3.
funny because in a thread here on gaf the findings said "there's no indication of being "hacked" via having the same passwords between EA/MS accounts, since many had different passwords. "
and since you've already so clearly established one thread on gaf means fact I assume we wont be seeing thata rgument from you ever again
I'm still sitting at almost 6 months without getting $53.64 (4000 MS points), refunded from when my account was hacked. Just left my latest message with the Specialist who was supposed to help me.
I tried having Xbox Customer Support take care of it. I have a good 4-5 emails from attempts telling me that money would be refunded that never went through.
I've taken it to the BBB, the specialist who responded (who I'm in contact with again), did not issue the refund properly.
I tried taking it to my bank, microsoft said that my bank was not authorized to refund me, and took the money back that the bank had issued me in return.
I've removed all my payment info off because of this, and even switched phones (Was a windows phone user) in large part because of this bullshit. Hopefully he gets his shit taken care of, I'm still waiting on mine.
I tried having Xbox Customer Support take care of it. I have a good 4-5 emails from attempts telling me that money would be refunded that never went through.
I've taken it to the BBB, the specialist who responded (who I'm in contact with again), did not issue the refund properly.
I tried taking it to my bank, microsoft said that my bank was not authorized to refund me, and took the money back that the bank had issued me in return.
I've removed all my payment info off because of this, and even switched phones (Was a windows phone user) in large part because of this bullshit. Hopefully he gets his shit taken care of, I'm still waiting on mine.
Vanillalite
Ask me about the GAF Notebook
Instead you'd rather write an excuse for them and give them a pass instead of actually you know fully admitting they should have implemented this a year ago. Instead of them being forward thinking we have to barrage them with e-mails or tweets or what have you.
Sorry MS is just a cluster fuck of epic proportions when it comes to this. If people have to e-mail them constantly to get this feature shows just how utterly clueless they are in terms of what needed to be done yesterday, last month, last year to help with security. It's MS though, and they always tend to fuck shit up despite having some brilliant ideas.
Your the MS part time PR guy though so I assume you'll spin this that the geniuses at MS shouldn't or couldn't have known to do this say this time last year?
At this point either they
A) Don't give a fuck enough to address this security issue with this full fix via 2 step codes for each login
B) Are to dumb to think of this idea or think it would actually be useful
There is no 3rd line of thinking. If we have to e-mail them constantly to get this feature added as you say then I'd be inclined to say it's A. They just don't give a fuck, and they won't until we pester them enough. This is exactly what you are suggesting.
Oh, come on. Why is it that you will cross-examine other posters but when it comes time to analyze MS' official response it's always: "MS has said it's not their fault, end of story, case closed." That, sir, is you demonstrating good-will, focusing all of the benefit of the doubt on one side of the discussion.
So is that your response to chubigans? People are stupid and flawed, corporations like MS (and only MS, as you haven't afforded EA the same 'courtesy') are not?
MS has done very little in terms of transparency to actually explain why this phenomenon is happening the way it does, and why none of it is their fault. Why believe them over the word of fellow GAFfers who have explicitly stated that they have a good grasp on their personal data?
Speedymanic
Banned
I'm sorry, what exactly are you trying to say here?
You said:
Which is a pretty clear-cut case of blaming the victims.
Speedymanic
Banned
Again, if you want them to implement 2 step, you have to email them everyday asking for it.
They can't read minds. And yes, it would be great if it was available from day one, but unfortunately it wasn't, so if you want it, you know what to do.
RedNumberFive
Banned
So you're saying they fall into group "B", being too ignorant to implement proper security?
On this, we agree.
Speedymanic
Banned
Yet you claimed I said the guy in the OP lied, when I clearly didn't. And taking quotes out of context is petty and below you, or maybe it isn't.
If MS can't figure out a better way to secure Xbox 360 accounts after the subject has come up as news on major sites MULTIPLE times, then maybe their media people need to be fired. You seem to be telling me Stepto and Major Nelson are incompetent. Is this the case?
Hale-XF11
Member
How do two wrongs make a right?
The guy in the OP was hacked, and you stated that everyone who is hacked lies about their security measures. Therefore, you are stating the guy in the OP is a liar. QED.
PSN hack = nobody lost money, get locked out of account for one month for security, get free games, Sony loses face.
XBL hack = people losing money, get locked out of account for one month if hacked, hopefully get reimbursed if you nag a lot, MS doesn't lose face.
-> Honestly, I prefer dealing with the first company. At least that company was able to FIND and FIX the problem after a month.
XBL hack = people losing money, get locked out of account for one month if hacked, hopefully get reimbursed if you nag a lot, MS doesn't lose face.
-> Honestly, I prefer dealing with the first company. At least that company was able to FIND and FIX the problem after a month.
Speedymanic
Banned
Cynicism and knowing that people rarely admit when they do something stupid.
Easier to blame a faceless corporation than to admit you did something stupid and take the mocking by fellow gaffers.
Hell, I've witnessed this happen. A friend claimed to have been hacked, I helped him out and only afterwards did he admit that he put his details into one those stupid emails that offered free points. This is a relatively smart guy and yet he fell for something as stupid as that, so it isn't a stretch for me to think that the others have also done something equally foolish and are too afraid to admit it.
Vanillalite
Ask me about the GAF Notebook
Again you show just how dumb you are. You think they don't already know this is something they could implement?
Like I said in my previous post it's either A or B. Either they just don't give a fuck enough to implement this or you think the employees are MS are to dumb to know 2 step verification exists and would help ramp up their current security measures.
So as the MS freelance PR guy by saying they can't read minds you're admitting one or the other of the above.
So which one is it? They just don't give a fuck or they are just clueless?
It sounds like on the one hand, MS wants to proclaim this isn't a big deal, user error, etc. But when people call, they're being told support is slow because the teams are completely overwhelmed. Unless they only have three dudes and some paper cups, someone's fibbing. The special attention & damage control isn't helping their case either.
But for good measure: Good old games-media. We won't talk about this, but we'll sure as hell flip out the next time gaf bitches about some review scores!
But for good measure: Good old games-media. We won't talk about this, but we'll sure as hell flip out the next time gaf bitches about some review scores!
Cynicism does not explain why you take MS' word at face value. A true cynic* would think the worst of everyone, not everyone but Microsoft.
* In the modern sense.
Ditto. This guy has the patience of a saint and has been putting up with this shit for too long.
Speedymanic
Banned
Yep.
Oh I agree, but in the meantime, it doesn't hurt to email both daily now does it?
Semantics. Cool.
You know you don't have be ashamed to admit that you were wrong when you claimed I called the guy in the OP an liar. It's cool, bro. It's cool.
Insults? How very childish of you.
I fall into none of the above. I realize that change doesn't happen without some helpful 'nudging' from others. I'm doing something about it and contacting both daily. A shame you can't be bothered to as you 'expect' them to know themselves.
D
Deleted member 752119
Unconfirmed Member
I'm the person the OP referred to, forgot I had an account over here from a few years back. I'm not going to get involved in any debates, all the details of my case are in the OP.
I'd just note two things:
1. I never accused MS of having security flaws in my blog post. I have no idea how my account got hacked. But it could well have been social engineering or something. My password was ok strength, but I did make the mistake of using that hotmail account lots of places on the net, so a hacker could have easily gotten the Windows Live ID and then either brute forced the password, or did enough social engineering to get the answer to my secret quesiton or something along those lines.
I'll fully admit I wasn't up-to-date on all the latest security stuff as I'm just not that tech savvy. So my frustration was never that my account got hacked, it was the amount of time it took to get it back, and then the BS with it getting banned.
2. I know my case is probably an extreme example. The wait time isn't as from what I've seen on the official Xbox forums, pretty much everyone who's account region got migrated to Russia, or Brazil etc. has had waits of 3+ months to get the account back.
Thankfully, they've disabled the migration feature so that won't happen to anyone else unless they decide to bring back the feature. And the Exceptions Analyst I spoke to said they have hired more people to work on investigations and are indeed turning around the non-migrated cases in 3-7 days now. Where as those where taking a month or so back in the fall.
My case just has the extra problem of the banning for violations related to trying to steal other accounts prior to my reporting the account stolen when it was migrated to Russia on Oct. 25th. As such, there's apparently no suspicious activity on my account prior to that date to generate physical evidence that my account was compromised earlier. And the PET team looked at it twice and decided to keep the ban.
That's all in my blog post, and there's really nothing more I can say. I certainly never tried to steal any accounts, and I never had any suspensions or violations on my Live account in the 4 years I had it prior to this hacking.
Anyway, I'm glad my story is getting some exposure. As I noted in the blog, I really don't care about getting the account back as I just can't support MS after this experience. I just hope this gets some buzz and causes them to handle any similar cases in the future properly.
I'd just note two things:
1. I never accused MS of having security flaws in my blog post. I have no idea how my account got hacked. But it could well have been social engineering or something. My password was ok strength, but I did make the mistake of using that hotmail account lots of places on the net, so a hacker could have easily gotten the Windows Live ID and then either brute forced the password, or did enough social engineering to get the answer to my secret quesiton or something along those lines.
I'll fully admit I wasn't up-to-date on all the latest security stuff as I'm just not that tech savvy. So my frustration was never that my account got hacked, it was the amount of time it took to get it back, and then the BS with it getting banned.
2. I know my case is probably an extreme example. The wait time isn't as from what I've seen on the official Xbox forums, pretty much everyone who's account region got migrated to Russia, or Brazil etc. has had waits of 3+ months to get the account back.
Thankfully, they've disabled the migration feature so that won't happen to anyone else unless they decide to bring back the feature. And the Exceptions Analyst I spoke to said they have hired more people to work on investigations and are indeed turning around the non-migrated cases in 3-7 days now. Where as those where taking a month or so back in the fall.
My case just has the extra problem of the banning for violations related to trying to steal other accounts prior to my reporting the account stolen when it was migrated to Russia on Oct. 25th. As such, there's apparently no suspicious activity on my account prior to that date to generate physical evidence that my account was compromised earlier. And the PET team looked at it twice and decided to keep the ban.
That's all in my blog post, and there's really nothing more I can say. I certainly never tried to steal any accounts, and I never had any suspensions or violations on my Live account in the 4 years I had it prior to this hacking.
Anyway, I'm glad my story is getting some exposure. As I noted in the blog, I really don't care about getting the account back as I just can't support MS after this experience. I just hope this gets some buzz and causes them to handle any similar cases in the future properly.
Speedymanic
Banned
....
I can understand not wanting to support MS after this, I mean who would. But not caring about getting your account back? Crazy. Did you not buy much content or something? Even if I ever felt like this, I would still want my account back and all the content that I paid for, if only so I could pass it on to someone else who might find some use for it.
Vanillalite
Ask me about the GAF Notebook
Of course I expect them to know. They DO know. I 110% know they know. You think they are ignorant that 2 step verification even exists? Are you really so dumb to think Microsoft is to ignorant to know that 2 step verification exists and would be a greater step towards tighter account security that you have to nudge them in the right direction?
Look I know you're just a PR hack. Everyone who knows you from your postings on GAF knows this. I didn't think you were just inexplicably dense to think MS doesn't know this exists or would be a good idea.
Hell even disregarding the fact that your calling out the bright minds at MS for not knowing this on their own. If you really are e-mailing them everyday then they already know from your e-mails. They just are actively choosing not to give a fuck about it and put 2 step verification into full use.
D
Deleted member 752119
Unconfirmed Member
I mean I'd like the account back for sure, in case I ever go back to an MS console.
Just stating that my main point in sharing my story wasn't just to fix my situation, since it won't help me in the short-term since I don't have a 360 anymore.
My main goal is to give MS some headaches over this--and they've been getting hit on Twitter in response to my blog, and I believe Kotaku is going to run something on it per my e-mails with their editor--and hopefully get them to change their system for handling these types of cases.
Speedymanic
Banned
What are you rambling about?
Sure they know, but emailing them daily asking them to implement it is just showing them that some users want the service implemented ASAP.
By not doing so, why would they bother? They'd naturally assume that users don't want the feature. You don't have been a genius to figure out why emailing them is a good idea.
Think before you post such nonsense.
You're making ludicrously broad claims which have a chilling effect on constructive discussion. If you do not wish people to attribute a statement like "people always lie about their security when they're hacked" to you, then you should not state it. If you regret stating it, then retract it.
Speedymanic
Banned
Ah cool.
I hope it works and good on for you not taking it lying down. The more crap like this is exposed, the less likely they'll be to do it to others.
Now if only we could get another campaign going demanding immediate implementation of two step.
Oppo
Member
Nice. Pretty much says it all.
You could add 15 more to that list just since the last page.
WHATSpeedymaniac said:
I canna take no more! /bails
I feel stupider having read that.
I'm out. (And I love how you ignored my last post Speedy. Just as I expected.)
RedNumberFive
Banned
If it wasn't for the mildly attractive woman in Speedy's avatar, I would have put him on the ignore list some time ago.
You get that with all companies, from all industries.
In the handful or so number of times i've called Xbox customer support or used their Twitter support, they've been great. Only once did I get a useless peon who had no idea and didn't do what he said he did.
Ditto for Sony and Nintendo. They were both great 99% of the time I called.
I called MS up the other day to take my credit card off my account because of this FIFA thing, and it was done withina minutes and they sent me 4 emails straight away with 4 separate Xbox Live codes worth 19 months of Live (the amount I had remaining).
I called Sony a couple of weeks ago about getting my Singstar content over to my new console, and within seconds he had reset something on my profile, and told me to re-download the content within a couple of days.
So I find it strange when I hear 'so many' stories about horrible customer service from any of these 3 companies, given how many times I've called them and had almost zero issues.
Speedymanic
Banned
Apologies, I missed your post. It wasn't intentional.
It might be same guy, might not be. As I stated, I couldn't remember who it was who made the claims.
Its all a matter of luck apparently. You're on one end of the fence getting things taken care of quickly and easily. Then you have people like me on the other side of the fence who have support teams who even admit that you need to be refunded but cannot seem to issue the refunds properly.
creid
Member
Saw this posted on twitter earlier. @XboxSupport seems to be aware of it though, so I'd be surprised if nothing was done considering how much coverage it's getting.
Speedymanic
Banned
I'd assume people have the sense to know when I'm talking about people in general terms and when I specifically talking about someone.
Guess not, so for that I apologize. In future, I'll be sure to be very specific with my wording and disclaimers so as to avoid this problem with you and others who may have similar problems.
Dogfacedgod
Member
I just changed my Windows Live password.
Carry on.
Carry on.
This is (good) news to me.
Sony's case didn't exactly involve a third party though in all fairness.
The fact that is only seems to involve FIFA suggests there's an issue with EA here that to this day, still isn't clear.
It's good that MS now has 2-step, but I've still removed my credit card and changed my passwords just to be sure. Once I removed my credit card, I got rid of the 2-step because it was annoying me.
But without credit cards attached to my PSN and Live accounts, I'm not all that worried anymore.
After the Sony hack, my bank told me they were aware of it, and they would refund me any dodgy credits that were put on my account I didn't make.
Speedymanic
Banned
MS don't have 2 step.
Vanillalite
Ask me about the GAF Notebook
I think we ARE stupider for reading that. I think it's time to take PortTwo's advice and /bail.
I had the same problem in September, someone was trying to access my account + the CODBLOPS hardened edition free maps giving bans out on accident = me losing $100s of dollars in games and all my XBL content. 1000s of hours of achievement whoring with my friends gone.
I literally used a 12 month card a week before gears 3 came out, and got banned and lost 11 1/2 months of live. MS Customer Support told me too bad and to buy a new card.
MS lost me as a digital customer, I'm a physical game guy, and I've converted to PS3(ironic right?) or Steam for my multiplatform and digital games. I have yet to purchase a game for Xbox since Gears 3 came out.
I literally used a 12 month card a week before gears 3 came out, and got banned and lost 11 1/2 months of live. MS Customer Support told me too bad and to buy a new card.
MS lost me as a digital customer, I'm a physical game guy, and I've converted to PS3(ironic right?) or Steam for my multiplatform and digital games. I have yet to purchase a game for Xbox since Gears 3 came out.
Then obviously I have no idea what 2 step is.
Since the update, you have the option to require your Windows Live password to be entered everytime you log in, AND your Xbox Live passcode.
I assumed this was 2 step verification.
Excuse my ignorance.
D
Deleted member 752119
Unconfirmed Member
Two step works like this.
If you want to change your password, you put in the request on the website and then they send you a code to your cell phone via text (or to another e-mail account) and you then have to enter that code on the website to be able to change the password.
It's an extra layer of protection--especially if you use the text option. As a hacker can't get that verification code unless they have your phone.
Speedymanic
Banned
Pretty sure that option has always been there. You can opt for the console to remember the password or choose to enter it every time. It's been a while since I last saw the login page, so I might be wrong.