The Sun Changes Tack On Xbox Hacks, MS Still Resilient

We’ve been watching the story for a while – basically, Xbox 360 users are logging into their consoles to find that Microsoft Points have been removed or spent, games have been played that the genuine users haven’t touched, security questions have been changed and, in some cased – apparently – credit cards have been charged.

Call it what you will, but it sounds to us like there’s an issue here that is seemingly being swept under the carpet.  Most of the recent cases involve the affected individual’s account being the subject of several FIFA 12 DLC purchases, something that Microsoft are keen to deny is anything substantial but certainly appears to be a common theme.

[drop2]Indeed, Microsoft are still content enough to mark this down as a simple ‘phishing’ occurance – putting the blame on the user and suggesting they’ve been putting their username and password into dodgy sites or in response to unofficial emails.

We’ve been asking around, as have a few other sites, and we’re getting the impression that this isn’t entirely down to user error at all, and that Microsoft’s insistance that ‘phishing’ is to blame is something that warrants a little more discussion.  The Sun might have brought all this to the attention of the casual user, but it too based its initial article (and front page) on the same school of thought as Microsoft.

However, that tact has – over the last few days – changed.  Despite Microsoft denying any link between the recent hacks (against which there are pages and pages of user submitted evidence) and EA’s FIFA, The Sun has actually been out there and spoken to those claiming to be affected.

“Hundreds of readers contacted The Sun yesterday after we told how criminals have swindled millions from people in online scams,” says the paper, via MCV. “Many victims denied clicking on bogus ‘phishing’ websites or giving personal details to crooks posing as fellow players — saying that Microsoft is under attack from gangs.”

“MS are playing down the issue here, but I can assure you there’s more to it than a bit of phishing,” says one commentor on the trade website. “To me it’s full-on fraud and MS don’t seem that interested in sorting it.”

Microsoft, frustratingly, are sticking to their guns.  “”As we commented on Tuesday, the Xbox LIVE service has not been hacked,” said the company.

“However, we are investigating a number of recent customer complaints relating to Xbox Live customer service – particularly in the way that we have processed refunds to customers that have been victims of phishing related fraud.”  It’s this reliance on placing the blame on the user that is causing annoyance.

It might be fun to point at The Sun and giggle at their headlines – sure – but at least they’ve caused the big players to take notice, and that’s the most important thing here.

Again, our earlier story on this links to three growing threads on popular gaming forum NeoGAF where users are openly sharing their experience with being subjected to this current round of account hacks.  Microsoft are currently taking a substantial amount of days to get the affected accounts back up and running.

Naturally, The Guardian has a nicely balanced story on all this, but we must re-iterate that nothing – at this stage – is proven with regards to the stories from either side of the fence.  It’s entirely possible, for instance, that user accounts are being compromised via repeated passwords involved in any number of recent website and service hacks.

We remind all visitors to ensure that all passwords are unique to each website and service.

Source: The Sun.



  1. All I know is, as Mel Gibson once said, something is rotten in Denmark.

    • That makes no sense.
      What does denmark have to do with MS and english newspapers?

      • I think that’s the point…

      • Proxzyn, I prescribe to you one reading of Hamlet by a certain Mr. William Shakespeare to be taken daily until confusion subsides.

      • To be or not to be? That is the security question.

    • Seems like Microsoft have been allowed to get away with their network breach by simply bullshitting their way out of it.

      Shameful that the press have let it go, considering how they treated Sony when they fessed up to it…

  2. I believe it should be “change tack” not tact. Sorry to be ‘that guy’.

  3. Could it be something as simple as a forum is covertly hacked, for eg. EA’s & people have repeated their username password?

    • that… is a very clever idea, i do hope you havent given any people nefarious ideas :D

    • Could be. Hell, the PSN hackers would’ve had access to alot of username/password combinations.

      You know, I seem to remember a story a while back about hackers gaining access to accounts by socially engineering support staff at companies. If it was that, MS wouldn’t be completely lying about it being phishing. It’s just the target isn’t a customer directly, it’s tired support staff.

      I think the most worrying possibility is that they have been hacked, and haven’t realized it yet, going for the natural reaction of anyone in IT; assume it’s the user fault…

    • A lot of people that have been hacked (my mate for one) doesn’t even own FIFA and isn’t the type of person to be on a gaming forum. I think MS is being a bit naughty on this and really ought to stop accusing the users of falling for a phishing scam and start to look into this.

      They could come out of this very badly, Sony reacted fairly quickly and with extreme force and they got a lot of stick.

      • Interesting, the plot thickens.

      • They don’t have to be the “type of person to be on a gaming forum”. Perhaps, for example, they were signed up to BioWare for some ME or DA content and happened to use their XBLA email and password?

        There have been plenty of gaming-related sites hacked in the past year and what’s to say there aren’t one or more that we haven’t heard about.

  4. My one suspicion, with the possibly thousands of people affected by this, how come not one of the victims have posted the phishing emails? I know that they might be embarrassed but you’d think that with a sample size that large, someone would have come forward.

  5. Lulzec…

  6. Wow The Sun has actually done something beneficial for gaming this time around.

    • I still think there is plenty of reasons to ‘point and giggle’ though!

      • *are!

        Despite the appalling journalism it has given some publicity to the issue. Although it seems likely that it is a case of people using the same username and password across multiple websites.

  7. If people are thick enough to fall for the dodgy emails, then it’s their fault. Although, i am off to Nigera to collect my lottery winnings. :P

    I think if Xbox Live was actually hacked, we would hear about it from TSAers who use Xbox Live. =) And The Sun reported it in a non biased way. :O What happened to “all gamers are evil”?

    • We’ve united to judge a bigger evil… MS.

Comments are now closed for this post.