Why the fuck isn't this a bigger issue for Microsoft?
Where are the reporters? I know one of them got hacked and got their account back instantly but where the hell is the integrity?
Free Xboxes, free live, fast-track hardware repairs, fast-track account recovery, and reliance on blockbuster game coverage for a media hungry audience. And, well, these journalists dance with skyrim review copies.
I don't believe they are, but other people do.
Just on "social engineering", you have a few groups in this thread and others saying its a matter of "user error/stupid passwords" and "social engineering/isolated incidents" (sounds a lot like the RROD denial sycophants). Social engineering is possible, but then it wouldnt be as prevalent as this now would it? I figure the social engineering way would be too time consuming for the profit gain. But so far as possible sources for getting account details you would have all this info out there to find:
* gamertags publicly listed on stuff like mygamertag.net
* people using facebook/twitter etc with personal details (city/family names/pets listed - popular secret question answers) and gamertags mentioned there too
* completing the loop by calling xbox support for the last little detail - but that would be reflected in the account history on the customer service side
So essentially, people who get hacked need to enquire when they call XBox 'Support' as to whether there have been any recent calls about their account in recent days/weeks. If that is a common theme, then we can assume social engineering is prevalent. But I wouldn't assume it's the only method - there is probably some kind of Live ID exploit that MS are reluctant to comment on, seeing as it would impact Zune, Windows, Hotmail, XBox Live, Windows Phone, GFWL etc.
If MS admitted such a thing, that would encompass a potentially much wider threat audience than the PSN hacks did.
Which is probably why they are suppressing all the news on it they can.