Major Nelson did some research, and spoke with Kevin Finisterre, who discovered the hack. What he came up with is something I could have told you years ago: Xbox Support is majorly retarded. People didn’t hack into the system, and Bungie.net wasn’t subject to attack. What really happened is called pretexting. Malicious users called into Xbox Support pretending to be other users to get their account information. They would call multiple times, getting a bit of information each time, until they could get both the Live ID email and the password.
From Major’s site:
Kevin gave me a call directly and once I realized what he was talking about (he sent me some painful-to-listen-to audio files) I confirmed that the team is fully aware of this issue. They are examining the policies, and have already begun re-training the support staff and partners to help make sure we reduce this type of social engineering attack.
There’s no other way to say it; this situation shouldn’t have happened. Our customers deserve better.
It’s good to see Microsoft admit there is a problem. Hopefully this pushes them to allow the removal of credit cards from the system. Hopefully that’s something that gets taken care of in the Xbox Live downtime coming up soon. And hopefully they get some people at Xbox Support who have any idea what they’re talking about.












