
UPDATE: Hackers are selling stolen Xbox Live accounts on foreign auction sites. (!)

Zoe

Member
Certainly for PSN (in the UK at least) that isn't the case at all. Sony specifically say that they aren't responsible if your account is compromised and won't issue refunds. I've had it happen some time ago on PSN and got nothing back.

Someone posted earlier it's in the TOS that MS will only guarantee a refund of the lost Live time.

I can understand it to a certain point. Fraud is typically handled on the customer's behalf from the bank side, not the store side.
 

epmode

Member
I posted this in the last thread about XBL hacking but I'll repost here:

My account was hacked. I noticed it immediately and called Microsoft. Before you ask, my password was not weak. It was a string of multiple character types that would be impossible to guess, and I know a phishing scam when I see one so something else far worse is at play here.

So after a 1 month wait, I was notified by Microsoft that I violated the terms of service by using my first initial instead of my full name when setting up my account. Essentially I have no recourse, and all of my XBL content is gone. Everything - GONE.

Yea, fuck Microsoft. I hope this blows up in their face in the worst possible way.
Such a terrible company.

I guess the only way you're going to get a real resolution is to become very visible. All you have to do is make a popular Youtube channel or get a job at Game Informer! Lawsuits work too!
 
Wow, what a bunch of wankers. Talk about using the letter of the(ir) law to screw someone over.

I mean god... the horror of only using a single initial. smh.

On that note, I just removed my paypal details. Not sure what I was thinking having them there in the first place, especially with all the horror stories you get with paypal anyway.
 

Mxrz

Member
So after a 1 month wait, I was notified by Microsoft that I violated the terms of service by using my first initial instead of my full name when setting up my account. Essentially I have no recourse, and all of my XBL content is gone. Everything - GONE.

Seriously? Sheesh. I do this for a lot of things online, too. I guess I'm fucked if this is the new standard.
 

FStop7

Banned
I posted this in the last thread about XBL hacking but I'll repost here:

My account was hacked. I noticed it immediately and called Microsoft. Before you ask, my password was not weak. It was a string of multiple character types that would be impossible to guess, and I know a phishing scam when I see one so something else far worse is at play here.

So after a 1 month wait, I was notified by Microsoft that I violated the terms of service by using my first initial instead of my full name when setting up my account. Essentially I have no recourse, and all of my XBL content is gone. Everything - GONE.

Yea, fuck Microsoft. I hope this blows up in their face in the worst possible way.

what.

Can't wait to hear Stepto try and explain this away, not that he'd bother.
 

Yagharek

Member
I posted this in the last thread about XBL hacking but I'll repost here:

My account was hacked. I noticed it immediately and called Microsoft. Before you ask, my password was not weak. It was a string of multiple character types that would be impossible to guess, and I know a phishing scam when I see one so something else far worse is at play here.

So after a 1 month wait, I was notified by Microsoft that I violated the terms of service by using my first initial instead of my full name when setting up my account. Essentially I have no recourse, and all of my XBL content is gone. Everything - GONE.

Yea, fuck Microsoft. I hope this blows up in their face in the worst possible way.

How the hell isn't there more of a stink kicked up in the game media over this? Microsoft are essentially doing an EA and stealing people's games. Ugh, such a disgusting company. Not buying in to their systems ever again. At least most of the stuff I've bought on Live has worn out its welcome/appeal to me. Still, would prefer to be able to recoup some of the costs.


what.

Can't wait to hear Stepto try and explain this away, not that he'd bother.

Tell him you're a games journalist and it will be fixed immediately.
 

FStop7

Banned
If this issue isn't already blown up by the time E3 rolls around I have half a mind to print out a few dozen copies of peoples' posts containing stories of unresolved account hackings, go find the Microsoft guys as they cruise the show floor, and confront them on camera by reading them out loud and asking them to help, Michael Moore style. And if they ignore me or run away then I'll take that footage along with the stack of stories and give copies to the local news stations that always show up to cover E3 as well as post it all on Youtube. I would start with PistolPete's story. What's better than having your account hacked, you ask? Having a smug customer support representative tell you that you've been permanently cut off from the material you already bought and paid for because you used your first initial.
 

Karma

Banned
If this issue isn't already blown up by the time E3 rolls around I have half a mind to print out a few dozen copies of peoples' posts containing stories of unresolved account hackings, go find the Microsoft guys as they cruise the show floor, and confront them on camera by reading them out loud and asking them to help, Michael Moore style. And if they ignore me or run away then I'll take that footage along with the stack of stories and give copies to the local news stations that always show up to cover E3 as well as post it all on Youtube. I would start with PistolPete's story. What's better than having your account hacked, you ask? Having a smug customer support representative tell you that you've been permanently cut off from the material you already bought and paid for because you used your first initial.

A few dozen is not something that will make anyone notice. I can find that many PSN hacked accounts in a few google searches.
 

Zabka

Member
I have a lot of clients with hotmail accounts for personal use and a whole bunch of them have had their accounts hijacked and used for spam (rock hard wang pills mostly). Is there anyone with an xbox live account that's been hacked but doesn't use a hotmail/live address or their Live ID? Just curious, I changed mine to a different email address a long time ago.
 

undecided

Member
I have a lot of clients with hotmail accounts for personal use and a whole bunch of them have had their accounts hijacked and used for spam (rock hard wang pills mostly). Is there anyone with an xbox live account that's been hacked but doesn't use a hotmail/live address or their Live ID? Just curious, I changed mine to a different email address a long time ago.

I used a gmail address and was hacked.
 

lockload

Member
gmail accounts have been getting hijacked a lot too and most people don't realise it until their account gets flagged for spamming. it's a huge problem right now.

It's not the email account type, it's the password strength or usage of the same password on multiple services.

Anyway,

I'm amazed Xbox can store people's card and not ask for the security code at time of purchase

This should be the BASIC level of security to protect unauthorised payments

Fair enough somehow they got through the password on the account but still requiring the security code from the back of the card at time of MS point purchase for stored cards would make this issue a lot less worse
 
Certainly for PSN (in the UK at least) that isn't the case at all. Sony specifically say that they aren't responsible if your account is compromised and won't issue refunds. I've had it happen some time ago on PSN and got nothing back.

Indeed, someone on here had his account hacked and he lost his account and all the content associated with the account when he claimed the money back from his bank as Sony refused to accept that his account was compromised.

But hey ho...M$ are the evil company who have their customers by the balls.

slidewinder, explain yourself.

Pistolpete, that doesn't right at all. I suggest calling back and demanding they unlock your account and refund any monies stolen or you'll take the matter further - i.e - through a small claims court. Can you/anyone find that clause in the TOS as I haven't been able to find it.

Anyway, need to sleep...
 
I posted this in the last thread about XBL hacking but I'll repost here:

My account was hacked. I noticed it immediately and called Microsoft. Before you ask, my password was not weak. It was a string of multiple character types that would be impossible to guess, and I know a phishing scam when I see one so something else far worse is at play here.

So after a 1 month wait, I was notified by Microsoft that I violated the terms of service by using my first initial instead of my full name when setting up my account. Essentially I have no recourse, and all of my XBL content is gone. Everything - GONE.

Yea, fuck Microsoft. I hope this blows up in their face in the worst possible way.

contact the BBB immediately.
 
Old? Microsoft Refunds Money Lost in Xbox Live Phishing Scam, Promises Better Customer Service.

http://kotaku.com/5873877/microsoft...hishing-scam-promises-better-customer-service

Microsoft said it has intervened to restore the Xbox Live account of a customer hit by an overseas phishing scam, and refunded all unauthorized charges the scammers were able to make as her complaint got lost in customer support and was never properly locked down.

Further, a Microsoft spokesman tells Kotaku that the company is reviewing its procedures in light of this incident, another embarrassing manifestation of a phishing crime wave that has snagged ordinary users and even journalists.

"The online safety of Xbox Live members remains of the utmost importance, which is why we consistently take measures to protect Xbox Live against ever-changing threats," the company said in a statement. "However, we are aware that a handful of customers have experienced problems getting their accounts restored once they've reported an issue. We are working directly with those customers to restore their accounts as soon as possible and are reviewing our processes to ensure a positive customer support experience."

Microsoft went on to say that "While we do not ordinarily comment on specific cases, Microsoft can confirm that the account in question has been reinstated to its rightful owner and all unauthorized charges are being refunded in full." The victim in question said she had lost $300 from her PayPal account to the thieves as her complaint was being mishandled.

The company repeated its assurances "that there has been no breach to the security of our Xbox LIVE service," which is fine to hear but it misses the larger point that customers really care about: there still is a way whereby someone's account gets broken into and plundered for Microsoft points or downloadable content, which is then sold on auction sites.

It's a delicate message, but in order to be phished, the information used to break into the account typically comes from a third party, like a compromised web site where the victim uses the same login and password. Microsoft doesn't want to blame the victim, and neither do we. But it would be as good a time as any to remind folks to change their passwords, and perhaps use something that is unique to Xbox Live, so that a phisher who uncovers your email address and password because of another site's bad security can't use the same login and password on Xbox Live. Really, it's a good policy to have a unique password for any site that stores your credit card information. It's a pain in the ass, but it's the only way to be sure.
 

Grecco

Member
I posted this in the last thread about XBL hacking but I'll repost here:

My account was hacked. I noticed it immediately and called Microsoft. Before you ask, my password was not weak. It was a string of multiple character types that would be impossible to guess, and I know a phishing scam when I see one so something else far worse is at play here.

So after a 1 month wait, I was notified by Microsoft that I violated the terms of service by using my first initial instead of my full name when setting up my account. Essentially I have no recourse, and all of my XBL content is gone. Everything - GONE.

Yea, fuck Microsoft. I hope this blows up in their face in the worst possible way.

Your account was banned because you used your first initial when you signed up? Do you have the email with the text because this is really bizarre.
 
I posted this in the last thread about XBL hacking but I'll repost here:

My account was hacked. I noticed it immediately and called Microsoft. Before you ask, my password was not weak. It was a string of multiple character types that would be impossible to guess, and I know a phishing scam when I see one so something else far worse is at play here.

So after a 1 month wait, I was notified by Microsoft that I violated the terms of service by using my first initial instead of my full name when setting up my account. Essentially I have no recourse, and all of my XBL content is gone. Everything - GONE.

Yea, fuck Microsoft. I hope this blows up in their face in the worst possible way.

Wait, what?!? I mean, I handle cases like this every day*, but we just disable the account, refer to the Terms of Service, and say "Come into compliance with the terms and we'll re-enable your account."

What I'm saying is that PistolPete's situation is probably in the Terms of Service, but an outright ban for a one-time violation is extreme. Let's be honest here, no one actually READS the Terms of Service, which is why everyone should get one chance to be made aware of violations and come into compliance.

*Not for Microsoft
 

Yagharek

Member
Sticking with the phishing line I see...

Phase 1 of Microsoft failure mitigation policy:

Deny everything. Blame it all on User Error.

Phase 2:

Claim they are all "isolated incidents".

Phase 3:

Enact $1,000,000,000 damage control fund
 

Akkad

Banned
Phase 1 of Microsoft failure mitigation policy:

Deny everything. Blame it all on User Error.

Phase 2:

Claim they are all "isolated incidents".

Phase 3:

Enact $1,000,000,000 damage control fund

I'm pretty sure Phase 1 is having infamous chris and speedymanic do damage control.
 

D4Danger

Unconfirmed Member
Sticking with the phishing line I see...

here's my theory

  • at some point a hacker has acquired your Live ID username and password. (phishing scams? leaked databases with people using the same password? guessing? people at Microsoft selling it to them? who knows)
  • they download your profile to an xbox and then back it up onto a USB key setting it to "never prompt for a password"
  • effectively they copied your profile with a master key because even if you change your Live ID password the account will automatically sign-in (this was apparently fixed in the Fall 2011 update but there was a 2 year window where it worked)
  • as someone else said in this thread they probably just sit on thousands of these compromised profiles and randomly check for a credit card or points. At which point they buy things that have a real world value like Fifa cards and dump the account.

I don't know if that's it but the thing about having your profile automatically sign-in even if you change your Live ID should throw up some red flags. The hacker only needs to know your login details for that moment in time and up until the Fall 2011 update there was nothing you could do about it. You wouldn't even know your profile had been copied.

I thought it was interesting to note that on the profile protection page my account has been associated with 6 different xboxes (I own 1 and I had 1 break so let's say 4 strangers) and it all happened after the 2.0.9199.0 dashboard update that introduced USB storage.

http://www.neogaf.com/forum/showpost.php?p=34052441&postcount=420
http://www.neogaf.com/forum/showpost.php?p=34052732&postcount=425

without context I have no idea what this information means. It could be nothing or it could mean my profile was downloaded to 4 xboxes I don't own.
 

drizzle

Axel Hertz
I thought it was interesting to note that on the profile protection page my account has been associated with 6 different xboxes (I own 1 and I had 1 break so let's say 4 strangers) and it all happened after the 2.0.9199.0 dashboard update that introduced USB storage.

http://www.neogaf.com/forum/showpost.php?p=34052441&postcount=420
http://www.neogaf.com/forum/showpost.php?p=34052732&postcount=425

without context I have no idea what this information means. It could be nothing or it could mean my profile was downloaded to 4 xboxes I don't own.

Your theory makes 100% sense. The point of it is not HOW your account is compromised, but the fact that there's no protection against it being compromised, and once it's compromised you have nothing you can do.

I just would like to add that, apparently, logging through either Games for Windows Live or through a Browser on the xbox marketplace website counts as a new "console" for the "360 profile protection" page.

So yes, your gamertag could have been downloaded and logged in through 4 different XBoxes. Or you could just have played two "games for windows" games and logged on the XBox marketplace website on two different windows installs/computers. Case in point: Yesterday I had a "1/6/2012" console. I just logged to the marketplace website and the "1/6/2012" console is gone and, in its place, there's a "1/7/2012" console.

As you said, without more information, that page is useless.
 

epmode

Member
I thought it was interesting to note that on the profile protection page my account has been associated with 6 different xboxes (I own 1 and I had 1 break so let's say 4 strangers) and it all happened after the 2.0.9199.0 dashboard update that introduced USB storage.

http://www.neogaf.com/forum/showpost.php?p=34052441&postcount=420
http://www.neogaf.com/forum/showpost.php?p=34052732&postcount=425

without context I have no idea what this information means. It could be nothing or it could mean my profile was downloaded to 4 xboxes I don't own.
I checked the site and it shows that my profile has visited 16 consoles which isn't even close to the truth. And yeah, the site is so vague, I have no idea what it means.

At least my credit card has been removed and I have 0 points!
 

Salaadin

Member
The profile protection page seems to list any GFWL logins, XBL logins, and PC logins as separate "consoles" so you might want to try matching up the "last visited" dates with any time you ever signed in to Xbox Live...whether it was on an actual Xbox 360 or not. XBL has an iOS/android app now too, doesn't it? I wouldn't be surprised if that page listed a phone login as a console too.
 

D4Danger

Unconfirmed Member
That must be it. Mystery solved!

yeah, I guess that explains my account page. I've been trying to think of all the places I've used my account and it's probably about right.

Why it says "previous console" for every entry though is beyond me. I don't think that page could be more unhelpful if it tried.
 

dragonknight337

Neo Member
I have a lot of clients with hotmail accounts for personal use and a whole bunch of them have had their accounts hijacked and used for spam (rock hard wang pills mostly). Is there anyone with an xbox live account that's been hacked but doesn't use a hotmail/live address or their Live ID? Just curious, I changed mine to a different email address a long time ago.

I had someone buy a 4000 and a 6000 MSP point pack on my account last night, cannot even describe mfw the gmail notifier popped up the receipts from paypal. Or my face when someone tried to add "mlbabybaby@yahoo.cn" as an alternate account to my Windows Live ID. Declined clearly. >_>

Went to Live's site immediately and read the preventative measures; ended up removing my paypal from Live, changing my password for WinLiveID, the security questions, and requiring a redownload of my GT/the new password to even use my GT, like they say here. When I logged into live, I got a notification that my profile had been downloaded on another console.

Then marked the charges as unauthorized on paypal, and they are investigating... I don't know if I should also do it with my bank, I know they didn't get on my PayPal though.

Then finally called XBL support. After they verified who I was, they did suspend my account immediately (thankfully, unlike Susan T), asked if I had been on any suspicious sites (I haven't) and then said the whole it could take up to 30 days to finish the unauthorised access investigation.

okay.jpg

All I can say is thank god I did have it set to my gmail, because they probably would have changed all the passwords/security questions and took the whole thing over before I got to it.

Edit: I called MS to check on the UAI, since I still could login to the site. The CSR told me it was okay, and that as long as I couldn't log . She did say that they were working on these cases faster and it should only be 15 business days at most, rather than the 30 I was originally told, and that the charges would be resolved even faster than that. She was right about that, paypal reversed both charges to my card not an hour ago! So there's one thing down.
 
Something amuses me about Kotaku talking about users having their passwords exposed by hacked websites...
Haha, yeah. Gawker's shitty security and attitude towards it and their users may very well be the cause for a chunk of these hijacks. No surprise that they don't know about the existence of two-step verification, instead suggesting it's the users who should be addressing Microsoft's flawed security. Whole news post toes the Microsoft PR line.
 

Zoe

Member
There have been some updates from Lady Elysium. First of all, she's starting to compile other people's stories, so get in touch with her if you want to get on her site. Speaking of which, she's moved it to http://www.hackedonxbox.com/

I also thought this was odd:
Microsoft DID refund me 100% yesterday.. Until they took $81.08 from my bank account today. The weird part of this is the original description and the trans. type, they do not match the 5 other transactions over the last few days. Also my PayPal account is not showing any deductions. However the ‘uncategorized’ labeling tells me it is a completed deduction from my account and not something that is pending. I am baffled at this because my PayPal account has been unlinked from my Xbox account, my PayPal email address and password have also been changed and I removed my bank from my PayPal account! My bank account log-in details too have been changed. This charge makes absolutely no sense to anyone, especially since PayPal has been mentioned but NO activity has happened on my PayPal account.

She's also mad that MS is saying it was her fault.
 
It pretty much amazes me to see how tight MS can handle the media (unlike Sony). Sony was few days late on telling something, and everything exploded with statements such as millions of credit cards on the hands of hackers. Nothing really escalated from there, yet it was huge news even to the mainstream media. MS have been playing the "shrug" game for a quarter/third of a year, it's escalating, and they still fail to address it properly, and nothing except a couple heated articles happen?
 
They did exactly the same with the RRoD. In fact, if it wasn't for retailers and other third parties commenting on it they would have probably continued taking the same line for the entire life of the 360.
 

MrPliskin

Banned
It pretty much amazes me to see how tight MS can handle the media (unlike Sony). Sony was few days late on telling something, and everything exploded with statements such as millions of credit cards on the hands of hackers. Nothing really escalated from there, yet it was huge news even to the mainstream media. MS have been playing the "shrug" game for a quarter/third of a year, it's escalating, and they still fail to address it properly, and nothing except a couple heated articles happen?

No one really likes to bite the hand that feeds them.

/FreeSlim360

sarcasm

The truth is, the enthusiast press will always have a bias they aren't cognizant of.
 

semiconscious

Gold Member
They did exactly the same with the RRoD. In fact, if it wasn't for retailers and other third parties commenting on it they would have probably continued taking the same line for the entire life of the 360.

"Those who cannot remember the past are condemned to repeat it." & microsoft's extremely grateful for that...
 
I posted this in the last thread about XBL hacking but I'll repost here:

My account was hacked. I noticed it immediately and called Microsoft. Before you ask, my password was not weak. It was a string of multiple character types that would be impossible to guess, and I know a phishing scam when I see one so something else far worse is at play here.

So after a 1 month wait, I was notified by Microsoft that I violated the terms of service by using my first initial instead of my full name when setting up my account. Essentially I have no recourse, and all of my XBL content is gone. Everything - GONE.

Yea, fuck Microsoft. I hope this blows up in their face in the worst possible way.

This exact thing happened to my friend. She used a shortened form of her name (not simply an initial) on the account as opposed to her full first name and Microsoft told her she violated the TOS and didn't help to get her account back. She's pretty much done with anything Xbox as a result.

Edit: The funny thing is that I have nothing but expired cards on my profile. I tried to remove them via Xbox.com. Clicking "Remove" does absolutely nothing on Safari or Chrome. I tweet @XboxSupport about it and they tell me to try billing.microsoft.com and I can't even find the options there and the page itself is slow as shit. What a joke.
 
1) wow ... microsoft you fail again in being consumer friendly. This should reach mainstream media.

2) I'm realizing how much we need some law, not EULA/TOS, law, to have some sort of protection against absurd bans of accounts with hundreds of dollars of contents attached.
 

Yagharek

Member
There have been some updates from Lady Elysium. First of all, she's starting to compile other people's stories, so get in touch with her if you want to get on her site. Speaking of which, she's moved it to http://www.hackedonxbox.com/

I also thought this was odd:


She's also mad that MS is saying it was her fault.

Enjoyable read. Microsoft basically tried to silence her with preferential treatment as they did with keighly when his account was hacked. Thankfully, Lady Elysium seems to want nothing to do with it and seems to want to keep going. Hopefully she manages to bring attention to the 100s (1000s more likely) of people who have been shafted by shitty MS "security" and "customer service".

None of this would have happened if MS bothered to do a decent job in the first place.
 
Well, I hope those who had their account closed because of that ridiculous initial / shortened name shit go after Microsoft now to get it sorted.

I'd be expecting compensation of some sort.
 
Thank you very much for that. I don't understand why someone would be told this if it's not even an official thing. Then again, according to my friend customer service reps don't even make any sort of contact with Microsoft's fraud department (at least that's what they told her and I believe them...) so I don't know how they think they would be able to help at all if that were the case.
 

Sporran

Member
I don't think this is a recent thing at all, but is now coming out big style. Anyway, back when Gears of War 2 launched (iirc WaW came out just after what a month) I was playing Gears.

Plodding along and a message popped up. You have been signed out as you have signed in on another console. Eh, called MS just made me change my password and recover profile.

Nothing was taken though.
 

JaseC

gave away the keys to the kingdom.
I wasn't aware that you can see how many systems are linked to your XBL account. I should have a look at mine. I should have no more than two systems tied to the account (one victim of the RROD and its replacement).

Edit: Haha, 8 consoles, apparently. Though if browser log-ins are included, I suppose that would explain it - particularly since no points have been used or XBL-based CC charges arisen.
 

Manp

Member
It pretty much amazes me to see how tight MS can handle the media (unlike Sony). Sony was few days late on telling something, and everything exploded with statements such as millions of credit cards on the hands of hackers. Nothing really escalated from there, yet it was huge news even to the mainstream media.

are you kidding, right?

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity passwords and login and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained
...
While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising that your credit card number (excluding security code) and expiration date may also have been obtained.

that for what? 40 million accounts? I don't think the main problem here is that "Sony was few days late". not to mention that in the following weeks other Sony services were hacked and entire databases with users' personal data were stolen.
 