Xbox Live Account Hacked Thread and Guide

MrPiggles

I'm thinking, now with all these XBL Account hackings going on, a good guide on what to do if your Xbox Live Account does get hacked would be a good idea. This is a wiki thread so feel free to add/change anything.

1. How to tell if my account has been compromised?
- If you have your credit card or Paypal linked to your Xbox account and you receive a bunch of emails from Microsoft thanking you for purchasing Microsoft Points
- If you notice your Microsoft Points balance has been drained out and you go to billing.microsoft.com and see that they have been used on things you have not purchased, typically FIFA DLC
- A large amount of Microsoft Points were purchased using your credit card or Paypal
- You go to live.xbox.com/en-US/Profile/Protection and notice that you have been signed into consoles you do not remember
- You notice achievements for games you've never played, typically FIFA games
- Your gamertag, friends list, or profile has been changed
- If you have difficulty logging into your account

2. What to do after your account has been compromised?
- Do not download any of the content the hacker purchased to your Xbox
- Remove any payment info you have linked to your XBL account here: live.xbox.com/en-US/ManagePaymentOptions (Tip: To turn off auto-renewal without calling phone support, set your state to Illinois)
- Change your password and security question to something completely different than what you had before here: account.live.com
- Go to Xbox 360 Profile Protection and sign out of all your consoles here: live.xbox.com/en-US/Profile/Protection
- Call Xbox Phone Support (their twitter, chat, and email support can't help) and tell them your account has been compromised (and if you have any other subscriptions, like COD ELITE, mention it). You can find their number here: support.xbox.com/en-US/contact-us Make sure you have your Windows Live ID and your Console ID and serial number readily available (found in your console settings)
- Contact Paypal and/or your credit card company and have them refund any charges
- For more info on what to do, visit here: xbox.com/en-US/Live/Account-Security/What-To-Do

3. What now?
- You won't be able to sign into any Xbox 360 on the compromised account for the extent of the investigation. You can still play offline on your account, but you'll lose any offline achievements on your account following the investigation, since you'll have to re-download your profile.
- It'll take them at least 15 days, typically 25 days, and possibly more depending on the complexity of your issue (whether it was hacked from a different country, whether your content licenses were migrated, etc.)
- In a couple of days, they'll email you a 1-month XBL Gold code to make up for lost time. You can use this on your existing account or make a new XBL account
- During the investigation period, you can call Xbox Support to check up on it (nagging them might help speed up the investigation)
- Once your investigation has been resolved, they'll call you. You'll usually be refunded any money charged and any Microsoft Points the hacker used within the next 1-2 payment days
- Microsoft usually doesn't remove any content the hackers purchase, so you'll get to keep that at least.
- Microsoft is also unable to remove any achievements related to your hacking.
- If you had a lot of personal info stored on your Windows Live ID, consider buying Identity Protection services
- If after 25 days your investigation still has not been resolved, you can file a complaint with the Better Business Bureau here: bbb.org This may help speed up the investigation; if you do file a report, make sure to mention it the next time you call Xbox Support

4. How to protect your account?
- Make sure your password for your Xbox account is unique (not used on any other sites), is at least 8 characters, and contains upper case letters, lower case letters, numbers, and non-alphanumerical characters, and within the password, you have at least one word
- Don't login using your Windows Live ID on public computers and networks
- Beware of phishing emails and sites
- Don't link your Paypal or credit card to your XBL account (if you want to pay with them, briefly link them to your XBL account, buy whatever you need, and unlink them) and DEFINITELY do not pay with debit cards since they're harder to dispute charges
- Buy prepaid Microsoft Points instead, and only activate them right before you're about to spend them, so hackers can't steal anything
- Enable automatic HTTPS for your live account here: account.live.com/ManageSSL
- Make sure your computer is virus free. If you don't have an antivirus, these are some good free alternatives (only install 1): avast!, Avira, AVG, or Microsoft Security Essentials
- Xbox has a pretty thorough checklist here: xbox.com/en-US/Live/Account-Security/Security-Checklist

A few last notes: Most XBL accounts are hacked for buying FIFA DLC which can be traded and therefore sold for cash. Most account compromises come from either social engineering, or really lucky brute-forcing. And a little terminology thing, your XBL account isn't "hacked", which is someone using loopholes in the network infrastructure to gain access to individual XBL accounts. At this point, this seems highly unlikely. However, there are still many unknowns to the current XBL "hacking" situation.
The PSN outage in spring was due to a hack. Your PSN account may have been compromised by an outside intruder. Sony shut down PSN for months in order to protect any further intrusion. For more information about different kinds of Xbox Account Theft, visit here: xbox.com/en-US/Live/Account-Security/Stolen-Account

Update: Eurogamer and Analoghype have some pretty good explanations for the account hackings. Looks like because of a design flaw on the Xbox website, it can be easily bruteforced and combined with social engineering to harvest potential Windows Live ID email addresses, that's how the hackings are going down.
 
Very good job on this much-needed faq.

I would like to add if you only purchase prepaid cards, and only activate them on your account when you plan to spend most of them you will probably be safe. Especially if you don't have credit card or paypal information linked to your account. If you just keep a couple hundred points in your account at any time you will probably be safe, a hacker isn't gonna bother to go after someone for 200 points, they want someone who has a large balance like 6000 points.

I have had my accounts hacked in several places so I do not recommend linking your credit card to any gaming or service account like iTunes, PSN, Nintendo or Xbox live. They will all be hacked eventually by someone and this can really save your butt, by not linking a credit card to my accounts I know I have saved my butt a few times. You can get prepaid cards for all these services pretty much anywhere and usually cards can be found at a discount so I see no issues with not using your credit card on these types of accounts.
 
[quote name='SaraAB']Very good job on this much-needed faq.

I would like to add if you only purchase prepaid cards, and only activate them on your account when you plan to spend most of them you will probably be safe. Especially if you don't have credit card or paypal information linked to your account. If you just keep a couple hundred points in your account at any time you will probably be safe, a hacker isn't gonna bother to go after someone for 200 points, they want someone who has a large balance like 6000 points.

I have had my accounts hacked in several places so I do not recommend linking your credit card to any gaming or service account like iTunes, PSN, Nintendo or Xbox live. They will all be hacked eventually by someone and this can really save your butt, by not linking a credit card to my accounts I know I have saved my butt a few times. You can get prepaid cards for all these services pretty much anywhere and usually cards can be found at a discount so I see no issues with not using your credit card on these types of accounts.[/QUOTE]

Thanks, added
 
Having a credit card linked isn't a huge hassle as it's easy enough to dispute charges and not have to pay anything. I'll remove mine from my Live account when I get it back as I don't buy all that much stuff anyway. But I like the convenience of having it stored in other places like iTunes etc.

I thankfully didn't get any CC charges from this hacking, just 1200 points spent and my account migrated to Russia (which is why it's taking ages--reported it on October 25th).

However, the bigger key is to NOT use a debit card (i.e. Visa check card), Paypal etc. as if you get hacked and money is charged to those then it's physically gone from your checking account and you have to wait to be refunded--rather than just disputing a credit card charge.
 
[quote name='dmaul1114']Having a credit card linked isn't a huge hassle as it's easy enough to dispute charges and not have to pay anything. I'll remove mine from my Live account when I get it back as I don't buy all that much stuff anyway. But I like the convenience of having it stored in other places like iTunes etc.

I thankfully didn't get any CC charges from this hacking, just 1200 points spent and my account migrated to Russia (which is why it's taking ages--reported it on October 25th).

However, the bigger key is to NOT use a debit card (i.e. Visa check card), Paypal etc. as if you get hacked and money is charged to those then it's physically gone from your checking account and you have to wait to be refunded--rather than just disputing a credit card charge.[/QUOTE]

Thanks, I'll make mention of the debit card part in the main thread
 
[quote name='Dark Rider']Great thread. Glad to see this got stickied. I can only hope this helps less CAGs to get hacked.[/QUOTE]

Me too
 
Actually it's not necessarily related to FIFA as this article indicates. There seems to be a few separate things going on here, yes the FIFA hacks are part of it but another part of it is that accounts are being sold on 3rd party foreign websites with points already on them.

http://kotaku.com/5873604/is-micros...roblem-worse-than-microsoft-realises?tag=xbox

So a big warning here would be to NOT link your paypal account to your Xbox Live account or use it to purchase points in any way. This could be a huge problem as I think they can get your bank account information if they have your paypal account, which is a lot worse than someone just stealing your credit card information.

I never imagined just paying for stuff on online service sites could potentially cause all these problems...

Another thing that should be added is that the person has not done anything wrong by adding their credit card or paypal accounts to their xbox live accounts, it's really not the user's fault even if they have insecure passwords. Microsoft should really be preventing this type of hacking from occurring since it's such a huge problem now.
 
[quote name='Curufinwe']Great thread, but I don't think is a good indicator of being hacked because MS seems to count using a PC to play a GFWL game or just logging on to Xbox.com as visiting another console.

- You go to live.xbox.com/en-US/Profile/Protection and notice that you have been signed into consoles you do not remember[/QUOTE]

I'm pretty sure the profile tool only affects consoles, since it only mentions it'll sign you out of consoles in the description, and I play GFWL games on my PC too and sign into xbox.com frequently and it only shows that I'm signed into one console, my Xbox 360.


[quote name='SaraAB']Actually it's not necessarily related to FIFA as this article indicates. There seems to be a few separate things going on here, yes the FIFA hacks are part of it but another part of it is that accounts are being sold on 3rd party foreign websites with points already on them.

http://kotaku.com/5873604/is-micros...roblem-worse-than-microsoft-realises?tag=xbox

So a big warning here would be to NOT link your paypal account to your Xbox Live account or use it to purchase points in any way. This could be a huge problem as I think they can get your bank account information if they have your paypal account, which is a lot worse than someone just stealing your credit card information.

I never imagined just paying for stuff on online service sites could potentially cause all these problems...

Another thing that should be added is that the person has not done anything wrong by adding their credit card or paypal accounts to their xbox live accounts, it's really not the user's fault even if they have insecure passwords. Microsoft should really be preventing this type of hacking from occurring since it's such a huge problem now.[/QUOTE]

That information is irrelevant, since I'm only talking about how to protect your account in the thread, not whether it's right or wrong to add CC info, and the overwhelming majority of hacks are FIFA related, and the reason behind the hacks isn't really that relevant either.
 
One thing they could do is close that loophole of being able to keep trying with wrong passwords.

Make it so after 5 or 8 failed attempts the account gets locked and the user has to do something to reset the password. Be it going through a bunch of secret questions, entering a text message code they get sent to their phone, calling into MS customer support etc.

Bank sites etc. tend to do that kind of thing. No reason Windows Live can't. Still not foolproof. But at least more security than currently.

One lesson I guess is to be careful about keeping your e-mail address private. That's one thing that could have got me as I use my hotmail e-mail address for tons of different sites as it's where I get all my order confirmation, facebook notifications etc. sent. I use different passwords on different sites, but mostly use that same e-mail. So my hacker definitely could have gotten my e-mail from various places and brute forced the password.

When I get my account back, I'll make a new Windows Live ID and use it for nothing but my xbox live account. I'll also be sure to never log in to Xbox.com as there's some speculation that Windows Live IDs may have been captured through a security flaw on that site.
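
The lockout suggested in the post above, sketched as an added example (it is not part of the original thread and is not Microsoft's implementation). The `LoginGuard` class, the 15-minute counting window and the sample events are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass, field

MAX_FAILURES = 5          # the post suggests 5 or 8 attempts; 5 is used here
WINDOW_SECONDS = 15 * 60  # assumption: failures older than this stop counting


@dataclass
class AccountState:
    failures: list = field(default_factory=list)  # timestamps of recent failures
    locked: bool = False


class LoginGuard:
    """Hypothetical login throttle: lock an ID after repeated failures
    and keep it locked until the owner completes an out-of-band reset."""

    def __init__(self, passwords):
        # Constructed demo store; a real service keeps salted password hashes.
        self._passwords = {k: v.encode() for k, v in passwords.items()}
        self._state = {}

    def attempt(self, account, password, now):
        st = self._state.setdefault(account, AccountState())
        if st.locked:
            return "locked"  # refused even if the password is now correct
        expected = self._passwords.get(account)
        # Unknown IDs fall through to the same "denied" path as wrong
        # passwords, so the response does not reveal which IDs exist.
        ok = expected is not None and hmac.compare_digest(
            expected, password.encode())
        if ok:
            st.failures.clear()
            return "ok"
        # Count only failures inside the window, then add this one.
        st.failures = [t for t in st.failures if now - t < WINDOW_SECONDS]
        st.failures.append(now)
        if len(st.failures) >= MAX_FAILURES:
            st.locked = True
            return "locked"
        return "denied"

    def reset_after_verification(self, account, new_password):
        """Call only after the owner passes a separate check
        (secret questions, a texted code, a support call)."""
        self._passwords[account] = new_password.encode()
        self._state[account] = AccountState()


def replay(guard, events):
    """Feed (timestamp, account, password) events through the guard."""
    return [guard.attempt(acct, pw, ts) for ts, acct, pw in events]


# Constructed sample: six wrong guesses one second apart, then the
# correct password arriving after the account is already locked.
SAMPLE_EVENTS = [(i, "owner@example.com", f"guess{i}") for i in range(6)]
SAMPLE_EVENTS.append((10, "owner@example.com", "correct horse 9!"))


def demo():
    guard = LoginGuard({"owner@example.com": "correct horse 9!"})
    before = replay(guard, SAMPLE_EVENTS)
    guard.reset_after_verification("owner@example.com", "new-Passphrase-42")
    after = guard.attempt("owner@example.com", "new-Passphrase-42", 20)
    return before, after


if __name__ == "__main__":
    print(demo())
```

A hard lock trades availability for safety, which is why the sketch only counts failures inside a window so that occasional typos spread over days never add up to a lock.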
 
Great thread. Decided to be proactive and call to get my CC information removed from my account; I'm already paid up for Gold until 2013 anyway. The rep had to bump me down to a free account, and then issue me a bunch of codes for 19 months of Gold to get me back to where I was. :lol:
 
[quote name='LondonGaijin']More and more details emerging on the way people are being hijacked:
http://www.analoghype.com/video-gam...ribility-exposed-microsoft-ignored-the-truth/[/QUOTE]That's more than a little scary. Glad I only play online via XBL very seldomly.

[quote name='Ryuukishi']Great thread. Decided to be proactive and call to get my CC information removed from my account; I'm already paid up for Gold until 2013 anyway. The rep had to bump me down to a free account, and then issue me a bunch of codes for 19 months of Gold to get me back to where I was. :lol:[/QUOTE]That's what I had to do when I had to remove an expired card from my account a couple of years ago. I have Gold paid up until 2014, always use XBL cards for Live and always use XBLM points cards to add points to my account. Never see a reason to have a CC on my account, and now, it seems like an even better idea now.
 
Just logged in and saw my 5000 points balance was down to 20 and all kinds of shit had been downloaded from my account. :(

I haven't called yet but changed the password and ran the Profile Protection. Really don't want to be offline for a month. This blows.
 
[quote name='phantomfriar2002']Just logged in and saw my 5000 points balance was down to 20 and all kinds of shit had been downloaded from my account. :(

I haven't called yet but changed the password and ran the Profile Protection. Really don't want to be offline for a month. This blows.[/QUOTE]

Don't worry, they'll email you a new 1-month XBL Gold Code in a couple of days after you call them, and you'll get your MSP back.
 
My account was hacked yesterday. Figured it out today, saw about $50ish in Xbox points were gone. Pending investigation now. It was the FIFA hack. Last game played was FIFA, and all the content bought was FIFA. :cry::cry::cry::cry:
 
And you have no EA games played on your account, it's obviously something more than just having an EA account at this point but MS won't say or do anything.
 
Thanks for the great thread, op. I'm trying to safeguard as much as possible. Question though, what about those XBLA apps for smartphones? They could create added exposure right?
 
[quote name='chubbyninja1319']Thanks for the great thread, op. I'm trying to safeguard as much as possible. Question though, what about those XBLA apps for smartphones? They could create added exposure right?[/QUOTE]

They could, but I doubt any hackers would be using one of those as their "hack source" so you should be alright using those.
 
[quote name='utopianmachine']My account was hacked yesterday. Figured it out today, saw about $50ish in Xbox points were gone. Pending investigation now. It was the FIFA hack. Last game played was FIFA, and all the content bought was FIFA. :cry::cry::cry::cry:[/QUOTE]

The content purchased on my account was all over the place -- a Queen song from Rock Band, NBA JAM ON FIRE EDITION, several other Live games...nothing from FIFA.

Either way I don't care how long it takes as long as my MS points get restored.
 
Rift (IIRC) was the only thing purchased on mine. But I didn't have a lot of points on there and was at home when the migration e-mail popped up so I got it locked down right away.
 
[quote name='phantomfriar2002']The content purchased on my account was all over the place -- a Queen song from Rock Band, NBA JAM ON FIRE EDITION, several other Live games...nothing from FIFA.

Either way I don't care how long it takes as long as my MS points get restored.[/QUOTE]

Well, if that's the case, you may have gotten a little lucky since Xbox Live never removes content that the hacker purchases from your account if it gets hacked, and they still refund the MSP, so after the investigation, you'll get a couple of games and songs for free at least.

Update: And here's an Eurogamer article that helps explain how the hackings are probably going down: http://www.eurogamer.net/articles/2012-01-13-is-this-the-hack-used-to-exploit-xbox-live-accounts
 
I guess that's good news for those of us who haven't been hacked yet. It still seems like the major issue was the security breach at EA and people who had the same email and password between their Live and EA accounts.
 
[quote name='GUNNM']But for those with crazy passwords and symbols I doubt it was brute force that got their passwords[/QUOTE]

Hard to say. Hackers just run programs to keep trying, so when it was unlimited attempts they could get any password eventually by just letting their script run.

That said, I am skeptical that brute force is the only issue. I really think EA got hacked and those of us that had the same passwords on our EA accounts as our Windows Live accounts got hacked that way.

My thoughts are there are just multiple different ways accounts are getting compromised. The Fifa content packs that can be monetized have just given hackers a lot more incentive to focus on stealing XBL accounts since they can basically use it for money laundering, whereas before all they could do was buy games and MS points for themselves. Being able to get cash is more incentive to steal accounts.
 
What is the deal with this FIFA DLC anyway? What is different about it that allows it to be resold for money, does anyone know?
 
As I said before if you don't have payment information on your account and you have no points in your account you should be safe. If you are buying points cards and entering them, then make sure you use them right away. Do not leave a large amount of points in your account for any time period.

They are looking for people with payment information in their account so they can buy more points and live subscriptions with that information. If you already have points in your account then they will hack your account in order to sell it on a black market site or spend the points on FIFA cards.

Definitely don't link your paypal account to MS in any way, especially if you have your bank account linked to paypal. It would be very bad if a hacker got into your bank account, much worse than even a hacker stealing your credit card information, which is bad enough but a little bit easier to deal with than having money drained from your bank account.
 
[quote name='Ryuukishi']What is the deal with this FIFA DLC anyway? What is different about it that allows it to be resold for money, does anyone know?[/QUOTE]
Unlike MS points you can trade the fifa packs. If MS was smart why wouldn't they just trace where the packs were going?
 
[quote name='SaraAB']As I said before if you don't have payment information on your account and you have no points in your account you should be safe. If you are buying points cards and entering them, then make sure you use them right away. Do not leave a large amount of points in your account for any time period.
[/QUOTE]

While that's true, it's hard to do.

There are often better deals on 4000 point cards than there are 1600 point cards, and most of us aren't going to spend 4000 points right away as we wait for deals on XBLA games and DLC.

So that's not something I'm willing to worry about. Plus, I only had like 2100 points or something on my account. I did have a CC attached, but it didn't get any charges (probably just because I got the account locked down so quickly). I will be removing that ASAP when I get the account back.

But I have a 4000 point card that I will enter eventually (first time I need points to buy something) and will thus carry a balance for a while. I'll just try to beef up my security by putting it on a new Windows Live ID that I use for nothing else, having a very long password etc. and just hope for the best.
 
[quote name='GUNNM']Unlike MS points you can trade the fifa packs. If MS was smart why wouldn't they just trace where the packs were going?[/QUOTE]

I don't think they're having problems catching and banning the hackers.

There's just a backlog of cases so it's taking a month or two to get the simple fraud cases dealt with.

And with the international migration cases like mine there's apparently international law issues with transferring the software licenses back to the US and having to rebuild the account manually etc. that has it taking around 4 months on average from what I've seen on other sites.
 
So somebody tried to get my account, but I was able (I hope) to stop them by requiring a profile re-download, and quickly changing my password.

Should I still contact Microsoft to see if they can track who tried to take my account? I don't want to lose it for several weeks because of this.

Also, remove your Gamertag information off of this site. It's definitely being targeted.

And is there a way I can change my account name on here?
 
[quote name='The Ebbtide']Also, remove your Gamertag information off of this site. It's definitely being targeted.[/QUOTE]

That's sound advice. I'd been meaning to do that for awhile, so I appreciate the reminder.
 
Can I remove my account info once it has been entered or do they require at least one card at all times after that? Seems like I've tried to remove all cards before but was unable.
 
[quote name='The Ebbtide']So somebody tried to get my account, but I was able (I hope) to stop them by requiring a profile re-download, and quickly changing my password.

Should I still contact Microsoft to see if they can track who tried to take my account? I don't want to lose it for several weeks because of this.

Also, remove your Gamertag information off of this site. It's definitely being targeted.

And is there a way I can change my account name on here?[/QUOTE]

You probably should still contact them, just in case. And if you want to change your account name, PM a mod
 
Just wanted to post that although my account was hacked last Friday and all $50ish of my points spent on FIFA stuff, I got my account back today. All points were restored. Even got two months of Live out of it.

I'm very pleased, especially after hearing about bad experiences from others. The quick resolution and complete refund of my points has definitely satisfied me.
 
At least it seems like they've finally streamlined the process for people who just had fraudulent purchases.

Now if they'd do something for those of us who had our accounts migrated to other countries....
 
I looked and I remember what the issue is. Is there a way to remove my card from my account, but still somehow maintain my current renewal rate for Live? I'm scheduled to renew at 29.99, but I'm worried if I take the card off and go to paying with Microsoft Points that I won't maintain this rate. Any experience with this anyone?
 
[quote name='dmaul1114']While that's true, it's hard to do.

There are often better deals on 4000 point cards than there are 1600 point cards, and most of us aren't going to spend 4000 points right away as we wait for deals on XBLA games and DLC.

So that's not something I'm willing to worry about. Plus, I only had like 2100 points or something on my account. I did have a CC attached, but it didn't get any charges (probably just because I got the account locked down so quickly). I will be removing that ASAP when I get the account back.

But I have a 4000 point card that I will enter eventually (first time I need points to buy something) and will thus carry a balance for a while. I'll just try to beef up my security by putting it on a new Windows Live ID that I use for nothing else, having a very long password etc. and just hope for the best.[/QUOTE]

Yeah, I know it's hard to do, but it's the only sure fire way. I am just really lucky I didn't have an Xbox Live account with payment information on it before this debacle, because even people with expired info on their accounts are getting hacked. Which means I can keep my account safe. Even so I think it would be much easier to get your points refunded if you only had points and no other info on your account, this way you wouldn't have to deal with your credit card companies or your bank.
 