xbox live account hacked
- Thread starter nuromutt
- Start date
TheSportsGamer23
CAGiversary!
- Feedback
- 2 (100%)
[quote name='porieux']I would contact customer service then, sounds fishy.[/QUOTE]
Thanks For The Advice
The only reason I am not freaking out is no Microsoft Points have been spent and no extra achievements
But I am just curious why they just appear
Thanks For The Advice
The only reason I am not freaking out is no Microsoft Points have been spent and no extra achievements
But I am just curious why they just appear
ZombieToast
CAGiversary!
- Feedback
- 10 (100%)
You should write down the gamertags of these new friends. It could be that something fishy is going on or it could be as harmless as you accidentally accepting friend requests, someone in your house doing it, or a weird glitch. Thankfully, the worst thing that happens to me is that I get friend requests from random people I've never met who obviously don't read my bio (or else they would leave me alone as requested). Right now, some Swiss kid keeps trying to be my friend. I assume he found me on a message board 'cause we don't play any of the same games. He sent a message with the last request, but I don't understand what he's saying and I don't feel like trying to communicate with him. If anyone feels like trying to make sense of it, here's the message he sent:
"can you me my request, I will take one of the many point have you on my friends list"
The best I can figure is that by accepting his request, he will fill an empty slot on my friends list. Not exactly the best sales pitch.
[quote name='foreverjoe20']all my saved games were gone[/QUOTE]
Maybe I don't realize that this is a stupid question because I'm so tired, but how were they able to erase your saved games when they are all stored locally?
"can you me my request, I will take one of the many point have you on my friends list"
The best I can figure is that by accepting his request, he will fill an empty slot on my friends list. Not exactly the best sales pitch.
[quote name='foreverjoe20']all my saved games were gone[/QUOTE]
Maybe I don't realize that this is a stupid question because I'm so tired, but how were they able to erase your saved games when they are all stored locally?
sendme
CAGiversary!
With work and buying more on the PC now I really have not been on my 360. So I'm wondering if I have no credit card info am I safe? I have some points but spent most of them on Gears of War 3 stuff. So if what is left is spent I'm not to worried. I just want to make sure that I'm not hacked and can't use my account for some time.
foreverjoe20
CAGiversary!
- Feedback
- 236 (100%)
I should post more on CAG...an hour and a half after I posted my story, I got the Windows Live reset password email and the reset Xbox live account email too.
So now I'm good. All my gamerscore is back, game saves are still there...only thing that didn't come back is my friend's list but I just have to ask them to send me a friend invite.
Also got to change my gamertag...now I'm "NobleOak"!
So now I'm good. All my gamerscore is back, game saves are still there...only thing that didn't come back is my friend's list but I just have to ask them to send me a friend invite.
Also got to change my gamertag...now I'm "NobleOak"!
I am worried about this, I am a new Xbox live user and I have a EA account, bioware account and Xbox live account tied to windows live. I have different passwords for each account and they are passwords I don't use anywhere else and would probably be impossible to guess. No credit card on my account and there will never be one but I want to put my points on the account and leave them there for a bit, for now I am holding onto a bunch of unused bing point codes and codes from that COD gamestop promotion until I want to buy something on the market place.
My xbox live account was also hacked. The hotmail account password/security question changed; and someone else's email added as a backup to retreive lost password info. They tried to charge 6,000 ms points but the charge was declined. They did wipe out my friends list and took about 400 ms points I had in my account. It took less than 12hrs to have my account returned.
Mr Unoriginal
CAGiversary!
- Feedback
- 111 (100%)
[quote name='memsg']My xbox live account was also hacked. The hotmail account password/security question changed; and someone else's email added as a backup to retreive lost password info. They tried to charge 6,000 ms points but the charge was declined. They did wipe out my friends list and took about 400 ms points I had in my account. It took less than 12hrs to have my account returned.[/QUOTE]
Whoever hacked mine created a new Live account. I was told that my old one can be retrieved, so I'm hoping. That's great about how fast it happened, how were you notified?
Whoever hacked mine created a new Live account. I was told that my old one can be retrieved, so I'm hoping. That's great about how fast it happened, how were you notified?
I submitted the online form to verify the hotmail account was mine, and entered an alternate notification email address last night. This morning I recieved an email from the Windows live team with Congratulations the information has been verified , and I was able to recover my gamertag.
Mr Unoriginal
CAGiversary!
- Feedback
- 111 (100%)
[quote name='memsg']I submitted the online form to verify the hotmail account was mine, and entered an alternate notification email address last night. This morning I recieved an email from the Windows live team with Congratulations the information has been verified , and I was able to recover my gamertag.[/QUOTE]
Where is the online form located?
Where is the online form located?
Mr Unoriginal
CAGiversary!
- Feedback
- 111 (100%)
[quote name='memsg']at login.live.com click on Can't access your account>Reset your password (that's where I saw someone else's alternate email address)>Customer support. Then just fill out the online form.[/QUOTE]
Thanks, I'll give it a try.
Thanks, I'll give it a try.
I've seen the stories of getting the credit card charges refunded, but now I"m beginning to wonder:
Am I going to get my FIFA'd 4,000+ points that were already in my account back after waiting for far too long, or are they just going to say "ok, your account is good now, carry on!"
I'm calling them tomorrow to get a status "update" (read: make sure they're actually doing any of what they said they would) and see if I can get it expedited. 25 days would put my at the 1st week of December, meaning I'll miss all of the Black Friday XBLA deals this year.
Am I going to get my FIFA'd 4,000+ points that were already in my account back after waiting for far too long, or are they just going to say "ok, your account is good now, carry on!"
I'm calling them tomorrow to get a status "update" (read: make sure they're actually doing any of what they said they would) and see if I can get it expedited. 25 days would put my at the 1st week of December, meaning I'll miss all of the Black Friday XBLA deals this year.
ZombieToast
CAGiversary!
- Feedback
- 10 (100%)
I know it's not quite the same, but you can still get the XBLA games under a different account and you won't have any problem playing them with your primary account later.
Viva Las Vegas
CAGiversary!
- Feedback
- 1 (100%)
My account got hacked and I'm halfway around the world for another 2+ weeks. MS said they can't do anything until I get them my console id and serial number. Uggghhhh!
I can't believe they can't move forward or they don't already have this info somewhere on their end.
I can't believe they can't move forward or they don't already have this info somewhere on their end.
Mr Unoriginal
CAGiversary!
- Feedback
- 111 (100%)
[quote name='Viva Las Vegas']My account got hacked and I'm halfway around the world for another 2+ weeks. MS said they can't do anything until I get them my console id and serial number. Uggghhhh!
I can't believe they can't move forward or they don't already have this info somewhere on their end.[/QUOTE]
I think there is a good reason for it. They explained it to me that they can see that something was downloaded from a different console and that's how they infer it was hacked.
I can't believe they can't move forward or they don't already have this info somewhere on their end.[/QUOTE]
I think there is a good reason for it. They explained it to me that they can see that something was downloaded from a different console and that's how they infer it was hacked.
Viva Las Vegas
CAGiversary!
- Feedback
- 1 (100%)
When your account is hacked you can't log into Xbox.com correct? I'm not 100% sure of my password and since I'm not home I don't know if I'm using an incorrect password or the hacker changed it and even if I am using the right one it won't work.
Mr Unoriginal
CAGiversary!
- Feedback
- 111 (100%)
[quote name='porieux']I think one of the gaming sites needs to get to the bottom of this situation. I wonder if MS security is really compromised technically or if there is some sort of social engineering aspect to this (either phishing or tricking CS people)...[/QUOTE]
I think it has to do with the EA servers and the fact that you have to sign up for them with the same info to play the games. I got hacked less than a week after playing an EA game: the first EA game I've played in a long time.
I think it has to do with the EA servers and the fact that you have to sign up for them with the same info to play the games. I got hacked less than a week after playing an EA game: the first EA game I've played in a long time.
[quote name='Viva Las Vegas']When your account is hacked you can't log into Xbox.com correct? I'm not 100% sure of my password and since I'm not home I don't know if I'm using an incorrect password or the hacker changed it and even if I am using the right one it won't work.[/QUOTE]
Not necessarily. Whoever hacked me didn't change my password before I noticed it, so I was able to change it myself and still log in.
Just had to contact MS as they spent 1200 points and migrated my account to Russia.
And to the above, again it's not all hacks from EA apparently. Some are also due to a newish policy in some European countries that allow users to migrate their account to a neighboring country rather than requiring them to have the account housed in whatever country they are in. Hackers figured out how to exploit that and migrate the account to their country and spend points in their country's marketplace without moving your gamer tag to their console etc.
Not necessarily. Whoever hacked me didn't change my password before I noticed it, so I was able to change it myself and still log in.
Just had to contact MS as they spent 1200 points and migrated my account to Russia.
And to the above, again it's not all hacks from EA apparently. Some are also due to a newish policy in some European countries that allow users to migrate their account to a neighboring country rather than requiring them to have the account housed in whatever country they are in. Hackers figured out how to exploit that and migrate the account to their country and spend points in their country's marketplace without moving your gamer tag to their console etc.
[quote name='Afflicted']just wanted to post a followup...
got my account back today... hacked on 10/15.. account back on 11/7...
they also included 2 1-month codes for gold.[/QUOTE]
Were you notified by your alternate e-mail address? I remember being asked a different email address to be contacted when I was on the phone with support. My account was suspended since 10/17 so hopefully I'll be seeing progress soon.
got my account back today... hacked on 10/15.. account back on 11/7...
they also included 2 1-month codes for gold.[/QUOTE]
Were you notified by your alternate e-mail address? I remember being asked a different email address to be contacted when I was on the phone with support. My account was suspended since 10/17 so hopefully I'll be seeing progress soon.
Mr Unoriginal
CAGiversary!
- Feedback
- 111 (100%)
The worst part about it is I am a bit of a achievement whore, so I'm holding off on 360 games so I don't make too much progress. I don't know how long I can hold out.
[quote name='menikmati']Were you notified by your alternate e-mail address? I remember being asked a different email address to be contacted when I was on the phone with support. My account was suspended since 10/17 so hopefully I'll be seeing progress soon.[/QUOTE]
actually I got emails at both addresses.... one on the main email that asked me to verify that I had given the alternate addy and 2 on the alternate.... one talking about the case and the other with instructions on how to change password and recover the gamertag... course I had already recovered the gamertag so didn't have to do that.
actually I got emails at both addresses.... one on the main email that asked me to verify that I had given the alternate addy and 2 on the alternate.... one talking about the case and the other with instructions on how to change password and recover the gamertag... course I had already recovered the gamertag so didn't have to do that.
[quote name='dmaul1114']Was your account Migrated to another country? Or did you just have points spent etc.[/QUOTE]
not migrated... I had actually recovered the gamertag while on hold with customer service.
also had 0 points of my own but they bought some points and spent them.
not migrated... I had actually recovered the gamertag while on hold with customer service.
also had 0 points of my own but they bought some points and spent them.
My gamer tag never left my console so I never had to recover it, but some how they changed my region to Russian so parts of the dashboard are in Russian and it goes to the Russian marketplace etc.
Annoying as some posts on the Xbox support boards say that some have been waiting to get their accounts back when that type of migration happens.
Annoying as some posts on the Xbox support boards say that some have been waiting to get their accounts back when that type of migration happens.
Called Xbox support for an update on my hacked account. Pretty much no update. Higher level investigation team hasn't taken it yet, and when they do I'll lose all access to it while they're investigating.
Still touting the 25 business day turnaround, and this is the 11th business day so I've still probably got a couple weeks minimum to wait.
Still touting the 25 business day turnaround, and this is the 11th business day so I've still probably got a couple weeks minimum to wait.
Mr Unoriginal
CAGiversary!
- Feedback
- 111 (100%)
[quote name='dmaul1114']Called Xbox support for an update on my hacked account. Pretty much no update. Higher level investigation team hasn't taken it yet, and when they do I'll lose all access to it while they're investigating.
Still touting the 25 business day turnaround, and this is the 11th business day so I've still probably got a couple weeks minimum to wait.[/QUOTE]
I was thinking of calling to get an update. Is it worth it at all?
Still touting the 25 business day turnaround, and this is the 11th business day so I've still probably got a couple weeks minimum to wait.[/QUOTE]
I was thinking of calling to get an update. Is it worth it at all?
No. The CS people don't know anything. They can just see that the investigators haven't taken the account, and if you're locked out of yours they'll just tell you they're working on it.
I won't call again unless it's a few days past the 25 business day estimate and I haven't heard anything.
On other boards people have said they just got an e-mail with a code to set up a temp account for 30 days when their investigation hit the 25 day point.
I won't call again unless it's a few days past the 25 business day estimate and I haven't heard anything.
On other boards people have said they just got an e-mail with a code to set up a temp account for 30 days when their investigation hit the 25 day point.
not2worried
CAGiversary!
- Feedback
- 5 (100%)
Every Xbox should be able to have 3 accounts that have a free month of live. So those that are waiting for their account. You can start a side one to at least play online for a month, if you haven't done that before. Thats what I did. And yes there CS know very little, they claim it's so they don't help out the hacker by mistake.
fictionality7
CAGiversary!
I got hacked on Saturday; hacker played FIFA 12 and got two achievements (setting up a team and buying something -- I'm guessing the second requires the first). Thankfully, the only credit card I had on file was an old VISA gift card, long since expired. The 2,400 M$ banana dollars that were already in my account were drained, though. Sucks, but at least the damage was limited. Still, I've got 3 preorders dropping next Tuesday and a Live account that's locked until at least early December (and, by the looks of this thread, maybe longer).
Does anyone have any idea how they might be exploiting this recovery process? I.e. do they have my e-mail address/password combination (so I should be changing it on other sites that use that combo, as I have been), or were they able to recover the account without that info via some exploit?
If M$ is aware of this issue and it is an exploit that resulted from allowing gamertags to switch regions (what I gather from earlier comments in this thread), why isn't M$ reverting to an older system? I mean, yea, they'll upset the people who want to change region, but I have to assume that number of people is much lower than the amount of accounts left vulnerable to a known exploit/attack.
Does anyone have any idea how they might be exploiting this recovery process? I.e. do they have my e-mail address/password combination (so I should be changing it on other sites that use that combo, as I have been), or were they able to recover the account without that info via some exploit?
If M$ is aware of this issue and it is an exploit that resulted from allowing gamertags to switch regions (what I gather from earlier comments in this thread), why isn't M$ reverting to an older system? I mean, yea, they'll upset the people who want to change region, but I have to assume that number of people is much lower than the amount of accounts left vulnerable to a known exploit/attack.
So my account was hacked September 24, transferred to Colombia and the guy is playing Gears of War and Dante's Inferno. Really?
Anyway I think I have gotten good communication with Microsoft support on my issue.
In regards to why it's happening, here's some research you may find valuable to keep your account safe:
Account Safety Guidelines
Avoid Phishing: Never reveal personal information, don't visit unsafe sites. A good way to block spyware websites is to use noscript.
Avoid Social Engineering:: Most of these tips regard social engineering, which is where a hacker accesses services and customer support of services you use in order to piece together pieces of your identity. If they only manage to grab your email one time, they might get your phone number the next, your address... This all falls on the weakest security of services you give this information to.
-Fill up the alternate emails on your account so a new one cannot be added. Users have reported that unknown email addresses were added to their accounts, (some @yahoo.cn). This is apparently preventable by filling up all the alternate email slots.
-Use a unique address that cannot be traced to you easily.
-Use a unique email. Extremely important.
-Use a unique password. Extremely important.
-Use a unique phone number that cannot be traced to you easily.
++For any accounts connected to your account, make sure to give no real personal information. Make sure to follow the same guidelines. For example, this means your EA ID should not have the same email and/or password as your Live ID.
I thought type of thing was a drag and didn't do it, maybe that's why I lost my account. When I get it back I'm gonna go through this list. :/
Anyway I think I have gotten good communication with Microsoft support on my issue.
In regards to why it's happening, here's some research you may find valuable to keep your account safe:
Account Safety Guidelines
Avoid Phishing: Never reveal personal information, don't visit unsafe sites. A good way to block spyware websites is to use noscript.
Avoid Social Engineering:: Most of these tips regard social engineering, which is where a hacker accesses services and customer support of services you use in order to piece together pieces of your identity. If they only manage to grab your email one time, they might get your phone number the next, your address... This all falls on the weakest security of services you give this information to.
-Fill up the alternate emails on your account so a new one cannot be added. Users have reported that unknown email addresses were added to their accounts, (some @yahoo.cn). This is apparently preventable by filling up all the alternate email slots.
-Use a unique address that cannot be traced to you easily.
-Use a unique email. Extremely important.
-Use a unique password. Extremely important.
-Use a unique phone number that cannot be traced to you easily.
++For any accounts connected to your account, make sure to give no real personal information. Make sure to follow the same guidelines. For example, this means your EA ID should not have the same email and/or password as your Live ID.
I thought type of thing was a drag and didn't do it, maybe that's why I lost my account. When I get it back I'm gonna go through this list. :/
LordCrono27
CAGiversary!
i've had my account locked since AUGUST 21st.... YEA gg. this is retarded.
Just use as strong of passwords as possible is about all you can do. And again, it's not just EA accounts being compromised. It's that and a new migration program being exploited.
Just not a lot that can be done but use good passwords, change them regularly (which I failed to do) and hope for the best.
It's more an issue that EA accounts and MS's migration program in Europe have gotten hacked and exploited and users are getting screwed because of their security flaws rather than anything they did or didn't do themselves.
Just not a lot that can be done but use good passwords, change them regularly (which I failed to do) and hope for the best.
It's more an issue that EA accounts and MS's migration program in Europe have gotten hacked and exploited and users are getting screwed because of their security flaws rather than anything they did or didn't do themselves.
DOMINATOR912
CAGiversary!
- Feedback
- 5 (100%)
I agree with most of the guidelines except the unique email part. I'm expected to have a different email for every account I make across the internet?
[quote name='GUNNM']What's the migration system?[/QUOTE]
Before in every country you had to have your account region set to the country you lived in.
Some countries they've changed that and let them keep say a Russian account in a neighboring country.
Hackers have exploited that, and that's how I got hacked. My account got migrated to Russia despite my gamertag never leaving my console. I have Russian on my dashboard despite the language being set to english, the "my account" page on X-box.com is in Russian and my console goes to the Russian Marketplace.
Before in every country you had to have your account region set to the country you lived in.
Some countries they've changed that and let them keep say a Russian account in a neighboring country.
Hackers have exploited that, and that's how I got hacked. My account got migrated to Russia despite my gamertag never leaving my console. I have Russian on my dashboard despite the language being set to english, the "my account" page on X-box.com is in Russian and my console goes to the Russian Marketplace.
DurbanBrown
CAGiversary!
- Feedback
- 61 (100%)
real brutal, hopefully they stop this crap soon
Rep told me my account was suspended right away when I first called, but when I check it on XB.com it only said "this account is suspended due to a billing issue, please add a credit card or paypal account".
I added a $5 limit shopsafe virtual CC# and now my account looks like it's back to normal. Looks like the only thing the CS Rep did was remove my old expired CC info leaving a blank spot so that messed up the account.
Tonight I'll test the actual system. if I'm still good I'm not calling them back until I'm darn well ready to give up my account again for a month. (my call was on 10/28, lost 4,000+ prepaid MSP)
I added a $5 limit shopsafe virtual CC# and now my account looks like it's back to normal. Looks like the only thing the CS Rep did was remove my old expired CC info leaving a blank spot so that messed up the account.
Tonight I'll test the actual system. if I'm still good I'm not calling them back until I'm darn well ready to give up my account again for a month. (my call was on 10/28, lost 4,000+ prepaid MSP)
[quote name='Kerig']Rep told me my account was suspended right away when I first called, but when I check it on XB.com it only said "this account is suspended due to a billing issue, please add a credit card or paypal account".
I added a $5 limit shopsafe virtual CC# and now my account looks like it's back to normal. Looks like the only thing the CS Rep did was remove my old expired CC info leaving a blank spot so that messed up the account.
[/QUOTE]
I've removed my old info and replaced it and it removes that error from the website but I still get the error when actually on my console.
I added a $5 limit shopsafe virtual CC# and now my account looks like it's back to normal. Looks like the only thing the CS Rep did was remove my old expired CC info leaving a blank spot so that messed up the account.
[/QUOTE]
I've removed my old info and replaced it and it removes that error from the website but I still get the error when actually on my console.
bread's done