Jump to content



Photo
- - - - -

Xbox Live Account Hacked Thread and Guide


  • Please log in to reply
149 replies to this topic

#91 dmaul1114

dmaul1114

Posted 29 January 2012 - 12:20 PM

Of course I didn't expect to get any help. That's just what phone support told me to do. I haven't gotten any help from any of MS's terrible customer support over the past 3 months. Nothing got done until I filed a BBB complaint and got a call from a person from the MS corporate office. I'm just going to call him again tomorrow when he's back in and see if he can get these idiots to take care of this.

How they investigate a hacked account for 3 months and then give it back with a ban left on it for something the hacked did is beyond me.

It's absurd how innefficient Xbox customer support is. The phone support can't contact the investigations team nor the enforcement team that deals with bannings. And apparently the investigations team and enforcement team don't work directly together either. Just ridiculous.

#92 dmaul1114

dmaul1114

Posted 29 January 2012 - 02:20 PM

I have not gotten any response to my 2nd post on the support forum, nor the PM's to the XBLPET members so I just called up phone support again.

Had to file another Unauthorized Access claim and had them write up all the details that the investigation had been completed (made sure he put in the case number for that) but the account was returned with a ban on it for something the hacker did, so hopefully they take care of it quickly. He said it should be about 3 days as they've gotten faster on these, and this should be a quick resolution since the refund etc. is taken care of and it just needs unbanned.

Not holding my breath though.

#93 dmaul1114

dmaul1114

Posted 30 January 2012 - 06:29 PM

Spoke to the exceptions analyst from MS corporate. He said what had happened is the enforcement team investigation determined the behavior that got my account banned happened before the account was reported as compromised on Oct 25th.

The banned offense was for trying to steal other accounts! So obviously the hacker had my account stole before I was aware of it being stolen on the 25th (that's when it got migrated to Russia and I got an automated e-mail confirming the region change) and was using it to try to steal other accounts.

Just baffling that wasn't obvious to the investigation team. The account was under control of an account thief, and they're obviously using stolen accounts to steal more accounts to cover their tracks. And this guy who hacked mine apparently did this before my account got migrated Russia and I reported the hacking. I'd have been unaware of anything prior to that e-mail popping up as I wasn't gaming a lot in the fall before the hacking as I was swamped with work--so they think it was still under my control.

Anyway, the rep apologized, said he believes me and is contacting the investigations team to give them all this info, vouch for me and ask them to do a much more thorough investigation. But he said he can't promise me anything and there's a chance it could stay banned. But he'd do his best to get them to take care of it.

This has just been an unbelievably bad customer service experience. At every turn things just get worse. If it weren't for wanting to import my saves into Mass Effect 3 I'd be done with Xbox. If the account stays banned I am done with them.

#94 David Hibiki

David Hibiki

    Well then...

  • CAGiversary!

Posted 30 January 2012 - 07:00 PM

I don't blame you that's terrible experience right there. I would write a e-mail/letter to someone higher up in MS if things don't get resolved. Try to be civil in your letter and if things don't go forward try to get your story published by news websites to get the word out.

I know MS has done well with the RROD after so many years, but this is even more unacceptable imho because It's been going on since August or later and MS hasn't seemed to cover their tracks at all yet. For a billion dollar corporation that's unacceptable imho.

#95 McToots

McToots

    CAGiversary!

  • CAGiversary!

Posted 30 January 2012 - 07:16 PM

This just happened to me in a relatively short period. Between 4am - 730am PST today someone hacked my account (I have hotmail) bought FIFA roster crap and played FIFA 12 using my account. I noticed it so quick because my smarthphone logs into hotmail to check mail and was unable to (invalid password). I got to a computer and went thru the recovery password shtick and then called MS to report my missing points. It's still being escalated. What I'm most pissed about is when this story hit last week, hotmail had just forced me to change my password (I have the 72 day expiratory thing checked) so this person(s) managed to snag a brand new password (and no it was not simple) The agent at MS was exasperated when I mentioned that it was FIFA. Obviously they have been getting a lot of calls about this. If it is brute force because xboxlive.com does not block repeated password attempts, is there anything I as a user can do to prevent a comprise happening again in the future?


UPDATE:
I received an email this morning from Microsoft with redemption codes for the points I lost plus 1 month of live. Something obviously is amiss that this keeps happening to people and being used for the same thing (FIFA Crap) In the end though, I was satisfied with the speedy response from MS.

#96 dmaul1114

dmaul1114

Posted 30 January 2012 - 07:52 PM

I don't blame you that's terrible experience right there. I would write a e-mail/letter to someone higher up in MS if things don't get resolved. Try to be civil in your letter and if things don't go forward try to get your story published by news websites to get the word out.

I know MS has done well with the RROD after so many years, but this is even more unacceptable imho because It's been going on since August or later and MS hasn't seemed to cover their tracks at all yet. For a billion dollar corporation that's unacceptable imho.


As noted, I filed a BBB complaint and that's put me in touch with an exceptions analyst from the MS corporate office. He got the account migrated back and all that jazz, so now just have to see if he can get the enforcement team to remove the ban.

Other than that nothing to do. Though I will pass my story onto some of the gaming news sites that have done stories about these hackings if it isn't resolved. I won't bother with wasting my time with MS. If this guy doesn't get the account fixed, MS will never get a cent of my money again.

#97 Allnatural

Allnatural

    CAGiversary!

  • CAGiversary!

Posted 30 January 2012 - 07:53 PM

This has just been an unbelievably bad customer service experience. At every turn things just get worse. If it weren't for wanting to import my saves into Mass Effect 3 I'd be done with Xbox. If the account stays banned I am done with them.

Fuck, dude. This is why I keep my main profile offline. Still, I might be safe from hacks but a corrupted profile (which seems to happen all too easily) could bork all my saves.

Meanwhile, I have saves on a PS2 memory card going back almost a decade.

#98 dmaul1114

dmaul1114

Posted 30 January 2012 - 08:04 PM

Yeah, it was very bad decision for them to tie game saves to gametags that can be hacked/stolen, banned etc.

Just overall, the move to consoles being so online-driven has been largely a negative for people like me who haven't really gotten into online gaming much. Worry about hacks, games rushed out with bugs as they can be patched later etc. etc.

#99 dmaul1114

dmaul1114

Posted 31 January 2012 - 09:45 PM

Heard back from the corporate rep again.

The enforcement team got back to him, and they are keeping the ban! They didn't give him any details on why, and he said there's not much he can do as he explained the situation to them and asked them to look into it again. And that's all he can do as they keep the enforcement team isolated from everyone else, and they never give even other units at MS much detail on their decisions. Only other thing he's going to do is see if he could get the 1910 points on my banned account transferred to my other tag--but I doubt that will happen since I know it's policy that any remaining points on a banned account are foreited.

He encouraged me to take any other recourse I can in terms of filing complaints if I feel wronged, and said he feels terrible about it because he believes me. But apparently the enforcement team won't listen to reason and just see that the account was reported compromised on October 25h, and the violations happened prior to that.

As I said yesterday, there's no record of suspicious activity before the account migration happened since these people are stealing windows live IDs and stealing or brute forcing the password so they have no way of knowing it wasn't me using the account at any date prior to the day the hacker migrated it to Russia and I got the e-mail and called in and reported it.

I'm just absolutely furious over this whole ordeal. I'm damn tempted to just go ditch all my 360 stuff at Gamestop (don't have the patience to bother trying to sell it on Craigslist etc.) and pick up a PS3 tonight. Logistically it makes more sense to play Skyrim and Arkham City on another Gamertag. But hell, I could get 1000 points ($50 worth) in Goozex Instant trades for those and use that on PS3 games. Other hesitation is that Skyrim apparently sucks on PS3, but I really don't have time for that game right now anyway.

So I just need to decide what to do on that front, and decide if I want to bother taking any other recourse. I probably won't bother with another BBB complaint as it wouldn't do any good. And at this point I don't even want the damn account back as I don't want to do any future business with MS, period. But I'll probably forward my experience on to a gaming site. Probably Giantbomb as MSUHitman on here had suggested that as they've ran some stories about MS's poor response to this rash of hackings.

#100 Allnatural

Allnatural

    CAGiversary!

  • CAGiversary!

Posted 01 February 2012 - 02:22 PM

Zero tolerance prevails once again. :roll:

#101 dmaul1114

dmaul1114

Posted 01 February 2012 - 04:37 PM

Yeah it's absolutely ridiculous. I did end up ditching the 360 last night and getting a PS3. Just no way I can enjoy gaming on the 360 after that experience.

Didn't want to hassle with selling the console so I just took the loss and traded it in at Gamestop--at least they have a promo for an extra $40 on 360 console trade ins now to soften the blow so.

Already got 10 of my 360 games matched up and ready to send off on Goozex, so I'll have a ton of points to use to get PS3 games I missed out on, as well as some movies.


Anyway, I posted a blog here on CAG about my experience. Nothing I haven't posted in this thread or others in this forum, but it's the full story in one place.

Feel free to link to it on other forums or send it to blog sites you read etc. Maybe if it gets some publicity MS will have to change their practice and none of you guys, or any other gamers, get put through the ringer like I did!

http://www.cheapassg...log.php?b=23483

#102 SaraAB

SaraAB

    CAGiversary!

  • CAGiversary!

Posted 01 February 2012 - 04:57 PM

Yeah, I would have done what you did, I was tempted to ditch my XBox after finding out about these hackings but I just bought the thing and invested a ton of money in games I did not play this gen so that would not make much sense for me to do, and the PSN was hacked too so no one is safe and its not like it couldn't happen again. It actually made me regret purchasing an xbox for a bit and that I probably should have gotten the PS3.

You could also post your story to the consumerist, they would probably run that story but considering the time you already put into the account trying to get it back, aka time that you could have been gaming you probably don't want to put any more time into trying to figure out how to get that account unbanned.

#103 dmaul1114

dmaul1114

Posted 01 February 2012 - 04:59 PM

Oh, I'm sending my story out there. Even if I don't really need the account back now, I want MS to get the negative PR they deserve for this shit.

Already got a call from a news editor with Joystiq in response to my story I sent him. He asked for permission to forward it on to the people at MS he's been talking to, to see if that helps get it resolved, and to keep him updated on their response as his site is still working on following this hacking story.

#104 SaraAB

SaraAB

    CAGiversary!

  • CAGiversary!

Posted 02 February 2012 - 02:07 AM

Congrats, sounds like you got a resolution via kotaku, sad that you had to go through all this though and 3 months away from your games instead of just getting a resolution from them right away which is what should have really happened.

The problem is that innocent people DO get banned and MS doesn't seem to be willing to let anyone get un-banned, even if they are truly innocent, even though we know an account can definitely be unbanned.

The bad thing about this is you lose access to all your saves, DLC and money that may have been spent on Xbox Live membership, and your account is basically held hostage by its gamertag and the game saves that are tied to it. This means you can't even finish a game you were playing until you get your gametag back. Hands down the worst decision MS ever made, tying game saves to the gamertag.

#105 dmaul1114

dmaul1114

Posted 02 February 2012 - 03:26 AM

Yeah, it's a bunch of crap the way they can ban accounts.

What makes me happiest about this is that in that Kotaku write up Microsoft admitted fault and said they were changing part of their investigation practices so the same mistake that led to my banning doesn't happen again.

And it's not just Kotaku that got it resolved, but also a lot of CAGs who bombarded gaming sites and Xbox support staff Twitter feeds after reading my blog I posted on CAG earlier today. As well as the editor of Joystiq who also contacted MS on my behalf.

For those that missed my blogs here are links. The 1st just outlines everything I've posted in here and other threads about the hackings in other threads in the 360 forum. The second outlines MS's response after the uproar that sprung from that belong, and their explanation of what happened in my case.

http://www.cheapassg...log.php?b=23483

http://www.cheapassg...log.php?b=23488

#106 retro.elite

retro.elite

Posted 03 February 2012 - 08:39 PM

Thanks for this guide. My brothers account got hacked today, and he lost 2040 points with FIFA 12 achievement. Contacted the support for him, hopefully it get resolved soon.

Posted Image


#107 Dark Rider

Dark Rider

    Looks Dashing

  • CAGiversary!

Posted 06 February 2012 - 03:58 PM

Yeah, it's a bunch of crap the way they can ban accounts.

What makes me happiest about this is that in that Kotaku write up Microsoft admitted fault and said they were changing part of their investigation practices so the same mistake that led to my banning doesn't happen again.

And it's not just Kotaku that got it resolved, but also a lot of CAGs who bombarded gaming sites and Xbox support staff Twitter feeds after reading my blog I posted on CAG earlier today. As well as the editor of Joystiq who also contacted MS on my behalf.

For those that missed my blogs here are links. The 1st just outlines everything I've posted in here and other threads about the hackings in other threads in the 360 forum. The second outlines MS's response after the uproar that sprung from that belong, and their explanation of what happened in my case.

http://www.cheapassg...log.php?b=23483

http://www.cheapassg...log.php?b=23488


Happy to see you got everything resolved! Hopefully Microsoft will look further into all the BS that is going on, on their service.

#108 Mega Man

Mega Man

    SUPER FIGHTING ROBOT

  • CAGiversary!

Posted 14 February 2012 - 09:10 PM

ah boy I think my friend just got hacked hes online with FIFA and I keep refreshing his profile and sure enough his first achievement is buying that online pack thing D=

#109 Sideshow

Sideshow

    CAGiversary!

  • CAGiversary!

Posted 15 February 2012 - 08:37 PM

I've also got a similar story about being hacked. Mine wasn't Fifa, though. I'm not trying to create a big deal, but just share my experience. My account got hacked and they purchased mass effect 2 for download. I went through the process of getting my points back and they refunded my points after about a month and also gave me a free month of live. That was all fine, but in the email they told me that they didn't find anything to suggest I had been hacked. Given that, why was I refunded? Also, I just spoke to a rep about getting the Mortal Kombat game on sale that was on sale the week my account was hacked. I was assured the day it was hacked and after the investigation that it could be done, then I was just told they can't do that and to just wait on it to go back on sale...
Posted Image

#110 greyzieoriental

greyzieoriental

    is your Daddy

  • CAGiversary!

Posted 16 February 2012 - 03:08 AM

I got my account hacked. All my points taken and the same FIFA achievement story. I contacted Xbox support, luckily I got someone from the US. I got my points and my account back in a week or less. I did, however, call one time to make sure they were starting the "investigation".

Although it was a quick turn around for me, and I'm pleased about it, I am not pleased about my account being hacked. I know for a fact I haven't signed on to other computers or replied to phishing scams, etc. Also lucky that I didn't have a Credit Card on my account.

That's my story, now back to my xbox games.

#111 Vinny

Vinny

    Bang, bang... pew...

  • CAGiversary!

Posted 17 February 2012 - 01:40 AM

I got my account hacked. All my points taken and the same FIFA achievement story. I contacted Xbox support, luckily I got someone from the US. I got my points and my account back in a week or less. I did, however, call one time to make sure they were starting the "investigation".

Although it was a quick turn around for me, and I'm pleased about it, I am not pleased about my account being hacked. I know for a fact I haven't signed on to other computers or replied to phishing scams, etc. Also lucky that I didn't have a Credit Card on my account.

That's my story, now back to my xbox games.


I just signed up to get the ME3 demo and learned the same fate, with 20 whole points left. Amazing how easily they were able to do this, considering it was after the shitstorm with PSN.

I won't have the time to call until late next week... hopefully they can still help me.

Way to blow MS.:roll:

Currently playing:
:ps3: God of War: Ascension - :)

fyreboltx.png
║My Tradelists: Games, Guides & Game Related GoodiesWantlist


#112 TehMuff1nM4n

TehMuff1nM4n

    CAGiversary!

  • CAGiversary!

Posted 20 February 2012 - 01:50 AM

I just got hacked for a 2nd time within a few weeks. Are you fucking kidding me???


Theres a hole in the system that needs to be fixed.

Edited by TehMuff1nM4n, 20 February 2012 - 02:07 AM.


#113 Vinny

Vinny

    Bang, bang... pew...

  • CAGiversary!

Posted 24 February 2012 - 01:36 AM

They got my account fixed, took roughly a week and all I got was 20 whole bonus points! They just gave me a code to get 1600 points, plus the 20 points the hackers left me with... the DLC the hackers bought have been cleared out too.:roll:

At least Sony gave me 4 games and a month of PSN+.:-/

Currently playing:
:ps3: God of War: Ascension - :)

fyreboltx.png
║My Tradelists: Games, Guides & Game Related GoodiesWantlist


#114 MrPiggles

MrPiggles

    Better Call Saul

  • CAGiversary!

Posted 24 February 2012 - 01:43 AM

If you want to avoid getting hacked, make sure you have a password of at least 8 characters, consisting of uppercase letters, lowercase letters, numbers, and non alphanumeric characters (!;,.?).

#115 Corvin

Corvin

    ...of Gilead

  • CAGiversary!

Posted 29 February 2012 - 01:11 PM

If you want to avoid getting hacked, make sure you have a password of at least 8 characters, consisting of uppercase letters, lowercase letters, numbers, and non alphanumeric characters (!;,.?).


This has been proven to be the least effect password to use despite years of brainwashing people into believing it.

#116 MrPiggles

MrPiggles

    Better Call Saul

  • CAGiversary!

Posted 29 February 2012 - 08:22 PM

This has been proven to be the least effect password to use despite years of brainwashing people into believing it.


Would do you mean? Could you provide a source/links?

#117 dmaul1114

dmaul1114

Posted 29 February 2012 - 11:14 PM

From what I've read (and was told by security people) the best passwords now include a combo of upper and lowercase letters and numbers and symbols, but also include at least one short word.

Reason being the brute force cracking programs can keep trying random combos of letters and numbers, but having a short, real word in the mix makes it harder as they're build around cracking random strings.

#118 shadylane

shadylane

    Believe...

  • CAGiversary!

Posted 06 March 2012 - 04:20 PM

Questions guys,

I'm trying to secure my account by adding a few things:

I added HTTPS on my hotmail account
I created a new live account with my gmail (not sure if I set this up correctly)
created a passcode on my xbox live console
removed all forms of payment
Updated password with upper and lowercase

Should I be doing anything else?

I also have a question about using your gmail as you're login. I was told by microsoft to go into live.com and create a new windows live ID with my gmail account and then change it on the console. Is this correct?

Shadylane310.png



33836.png


#119 MrPiggles

MrPiggles

    Better Call Saul

  • CAGiversary!

Posted 10 March 2012 - 05:30 PM

Questions guys,

I'm trying to secure my account by adding a few things:

I added HTTPS on my hotmail account
I created a new live account with my gmail (not sure if I set this up correctly)
created a passcode on my xbox live console
removed all forms of payment
Updated password with upper and lowercase

Should I be doing anything else?

I also have a question about using your gmail as you're login. I was told by microsoft to go into live.com and create a new windows live ID with my gmail account and then change it on the console. Is this correct?


For the Windows Live ID part, it doesn't matter, and they just want you to use hotmail, I've used gmail as my login for over 2 years now without issue. And yup, everything you're doing looks good, except for the XBL console passcode, that doesn't actually stop hackers, since its only on your console.

#120 shadylane

shadylane

    Believe...

  • CAGiversary!

Posted 11 March 2012 - 04:49 PM

Ok, I see. So explain one more thing to me because I don't trust Microsoft employees for this information and I'm super paranoid about getting hacked again. Here is my question:

What are the proper steps in getting you're
Gmail account to act as you're login for the 360?

Shadylane310.png



33836.png