Xbox LIVE wasn’t hacked, YOU were

The front page of Britain’s The Sun newspaper ran with a story this morning on its front page saying that “online crooks have hacked into thousands of Xbox LIVE accounts to steal millions of pounds. The average loss to gamers in the UK is around £100 — but many have had more than £200 stolen.” When we saw the news, the tea almost fell out of our hands. Only with a bit of further reading, it becomes apparent that Xbox LIVE hasn’t been hacked — Gamers have.

The first I heard of anyone getting their account hacked was on Sunday night, when my brother called his expert gamer twin (me) to talk about why his password wasn’t working, and then why he had no Microsoft Points left after getting back into his account. After brushing him aside in favour of the X Factor results, I searched the internet to see if anyone else was having the same issue. It turned out there was. In my poor brother’s case, he had received an email from who he thought was Microsoft. Something about Xbox LIVE rewards. He clicked that email, and proceeded to give his full account details to what he thought was Microsoft. Turns out my innocent twin brother had been Phished.

Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. (Wiki)

While most of the media has trodden carefully and not directly blamed Microsoft, it sure does make for a better headline. The harsh reality is, however, that the victims of this “hack” have literally handed over the information themselves. While this is awfully unfortunate, and a mistake anyone can make, it needs to be clearer that Microsoft has not been compromised in the same way that Sony’s PlayStation Network was earlier in the year.

Microsoft has decided to come out and take steps to reassure gamers anyway. In a statement handed to the press, the company insisted that LIVE had not been hacked in any way.

“Xbox LIVE has not been hacked. Microsoft can confirm that there has been no breach to the security of our Xbox LIVE service. The security of Xbox Live members is of the utmost importance, which is why we consistently take measures to protect Xbox Live against ever-changing threats,”

“In this case, a number of Xbox Live members appear to have recently been victim of malicious ‘phishing’ scams.”

Microsoft also said it is working with the victims and warning others about possible scams.

“As a result, we are currently:

• Working closely with affected members who have been in touch with us to investigate and/or resolve any unauthorized changes to their accounts resulting from phishing scams;
• Warning people against opening unsolicited e-mails which may contain spyware and other malware that can access personal information contained on their computer without their knowledge or permission;
• Reminding all customers that they should be very careful to keep all personal information secure whenever online and never supply e-mail addresses, passwords or credit card information to strangers.

“Microsoft remains vigilant at all times regarding the security of Xbox Live customers.”

So there you have it, my brother got tricked. When I see him, I’ll give him a dry slap and a pep-talk in how to be safer online. This time of year is always rife for phishing scams, telephone scams and such things, so you don’t need to panic and change your bank account details, passwords and email addresses, you just have to be vigilant. And oh yeah, play some games.