xbox live account hacked

So how would I know if my acct was migrated?

For example, I found out 10 days AFTER it was hacked and noticed points missing and more points were purchased but after I recovered my GT it was still in English on my dashboard...

Like I said b4, mine was def the FIFA hack as I had achievements worth 35GS on the game I've never ( nor would I) played....


I'm up to 24 days now and think I may call them back and give them a piece of my mind...

The guys who have been down for months...how do you tolerate that?! I'd be calling them every week til they took care of it each time going up the ladder of ppl to talk to...

Personally, I find the sweeping under the rug like this doesn't exist on a wide scale basis to be completely ridiculous!
 
If the dashboard is still in English, you didn't get migrated.

Calling repeatedly does no good. Nor does filing better business bureau complaints etc. per posts on the Xbox support forums. Nothing to do but wait. Doesn't hurt to file BBB complaints and/or complaints with your state's attorney general etc. though. Maybe if enough people do they'll get their act together.
 
[quote name='dmaul1114']If the dashboard is still in English, you didn't get migrated.

Calling repeatedly does no good. Nor does filing better business bureau complaints etc. per posts on the Xbox support forums. Nothing to do but wait. Doesn't hurt to file BBB complaints and/or complaints with your state's attorney general etc. though. Maybe if enough people do they'll get their act together.[/QUOTE]

I just find it awfully shady that while my service is down Xbox didn't have any problem whatsoever in charging my CC to re-up my acct too
 
Well update to give some hope to people out there.

My account got hacked and migrated to a different console, but probably not a different country on November 18th. I got the email this last thursday December 8th that they had completed the investigation and found that my account was accessed and points spent, the points were waiting for me when I recovered my account to my profile, changed my password and have been playing ever since. I didn't have a credit card on file, so I think that might have sped up my situtation. Hopefully this spreads a little hope to anyone else who had their account stolen.
 
[quote name='aphu9876']Well update to give some hope to people out there.

My account got hacked and migrated to a different console, but probably not a different country on November 18th. I got the email this last thursday December 8th that they had completed the investigation and found that my account was accessed and points spent, the points were waiting for me when I recovered my account to my profile, changed my password and have been playing ever since. I didn't have a credit card on file, so I think that might have sped up my situtation. Hopefully this spreads a little hope to anyone else who had their account stolen.[/QUOTE]


Thank you for the update...much appreciated
 
[quote name='dmaul1114']Calling repeatedly does no good. Nor does filing better business bureau complaints etc. per posts on the Xbox support forums. Nothing to do but wait.[/QUOTE]

You're reading the wrong forums. Read the NeoGAF ones instead of ones that may or may not be filtered/modded by Microsoft.

Calling repeatedly does no good = 100% true
Filing a BBB complaint seems to work almost instantly.

I waited 6 weeks (with approx. 4-5 calls), and got absolutely nowhere. Then I filed a complaint with BBB.com and received a phone call within two days from corporate. That was Friday. I checked my E-mail today and the reset instructions are already there waiting for me to get my account back.
 
The posts on the MS support forums weren't filtered. They were people bitching about having waited weeks, having filed BBB complaints and gotten a call but nothing resolved etc.

Yours was likely just about done anyway since it seems a lot of reports have people waiting 6-8 weeks (with some waiting longer than that).

That said, I'll be out of town the 17th-27th. If I haven't gotten the account back by then I'll call and likely file a BBB complain since that would be just past the 2 month mark.
 
[quote name='dmaul1114']Yours was likely just about done anyway since it seems a lot of reports have people waiting 6-8 weeks (with some waiting longer than that).[/QUOTE]

It was a bit too coincidental for my case. they called me the day before Thanksgiving asking for an E-mail address that had never been associated with my account. Problem is, I already gave it to them when I opened the case.

10/28: opened case with XBox (told 25 days)
11/23: Received voicemail for unique E-mail
11/23: (minutes later) Returned call and gave E-mail
12/02ish: Called again to double-check E-mail & give them a brand new one just in case
12/07: Realized I've waited long enough and this is ridiculous
12/08: filed complaint with BBB
12/09: (Friday) Received phone call from XBOX corporate
12/12: (Monday) Account reinstated with all points returned.

Those dates tell the story.

PM me (open to all CAGs) if you'd like a transcript of the BBB complaint I wrote & submitted. I can personally vouch for the awkwardness of starting it, most of these things are simple cases of "my vacuum broke, it doesn't suck and Joe's vac shack sucks! help me BBB!" But the FIFA hack is on a whole other level.
 
Last edited by a moderator:
[quote name='Kerig']

Those dates tell the story.

PM me (open to all CAGs) if you'd like a transcript of the BBB complaint I wrote & submitted. I can personally vouch for the awkwardness of starting it, most of these things are simple cases of "my vacuum broke, it doesn't suck and Joe's vac shack sucks! help me BBB!" But the FIFA hack is on a whole other level.[/QUOTE]

I would be curious myself as to how this was presented as I had the issue w the FIFA hack.
 
I'm not sure if mine was Fifa/EA related or not. No Fifa achievements or DLC.

Just spent 1200 points or whatever on an XBLA game (Rift I think they said) and migrated the account to Russia. But I did catch it right away and get the password changed so my gamertag never got migrated off my machine.

Anyway, I'll definitely take that BBB transcript so I'll shoot a PM.
 
Guys-

Just wanted to update...


Got an email when I was headed home from work last night... XBox has successfully completed the investigation and returned my GT back to me...

Had to still jump through hoops bc they altered my email address so even though my contact email worked they changed my live ID email addy and I had to call back to CS to provide proper info...

That said, they give you a temp Live ID address that you MUST use for 30 days so it's sr#### w the # being your case file #

They were very helpful when I called this time though...MUCH more than before...


So I am officially back and just need to change my Live ID address in 30 days and everything will be a-ok.


Also, to finish up, they found in the investigation, my account was taken over and surprise surprise 3600 points were used to purchase various items in FIFA 12...

Not only did they get me those points back, but they gave me an extra 800 points and a free month of Live to say they were sorry.


While I wasn't happy with the way they took my call and info in the beginning and the lack of updates, I am very pleased w the ending and the two individuals I spoke to last night...

So don't give up hope guys and keep trying...someone in CS may want to go above and beyond and help you.
 
Somehow my account was hit today and drained of all of the points. I would have never noticed, but by luck I got an email from Xbox rewards and tried to log in to check my balance. Couldn't login, so reset my password. Reset my email account's password as well for good measure. When I eventually logged in I noticed that my points balance was lower than I remember it being.

So I checked my purchase history and noticed a purchase of "gold packs". At this point I had around 9000 points still in my account - and the gold pack purchase dates were for today. Figured they would take care of it -- but by the time I got home and called them with the console serial number and ID number the account had been completely drained -- 15,330 points. They even attempted to purchase another 6000 points - however my credit card on file was expired - so they were denied.

The biggest thing I'm upset by is the fact that I'm going to miss out on the holiday sale - it was the entire reason I was stockpiling points...
 
If you don't mind buying more points, you should still be able to sneak onto xbox.com, add points, and purchase gold-exclusive sale items to add to your download queue. I was able to do it for the Black Friday/Cyber Monday deals on my account. YMMV.
 
[quote name='Kerig']If you don't mind buying more points, you should still be able to sneak onto xbox.com, add points, and purchase gold-exclusive sale items to add to your download queue. I was able to do it for the Black Friday/Cyber Monday deals on my account. YMMV.[/QUOTE]

Good luck w that...

By the time I got off the phone w them, they not only cut me off the console but they fully locked my acct and made my existing card invalid...

So I guess that's really YMMV based on the turnaround time of them locking your acct
 
Got another email about a delay with the investigation and another one month code.

Dear Xbox LIVE Customer,

We wanted to give you a quick update on the status of your unauthorized access case.$ Due to the complexity of your case, we are engaging our engineering team to create a solution that will allow us to return your account to you. While this work continues, we’d like to offer you a free, 30-day Xbox LIVE membership code.
Click to expand...
 
Looks my account just got hacked too, yay!!! I called Xbox Support and they said it would only take 16 days for them to fix it. They took some 3800 MSP prepaid points off my account. Lesson learned for me, never activate a MSP code unless you plan on immediately using it. I looked into my point history, and it looks like they were all spent on "PREMIUM GOLD JUMBO" for FIFA. I honestly hope that they get rid of that card trading feature or whatever it is that's been causing the account compromises. And I think a really good idea would be to add something along the lines of a "Steam-Guard" like service for XBL

Edit: Pro-tip: and check your security questions for your account. I just did and the hacker changed it to something in Chinese. I changed it back to another question. If you don't, a hacker could easily re-compromise your account again.
 
Last edited by a moderator:
I'm back in town from the holidays at my folks, and still no resolution.

Filed the BBB complain, so we'll see if that speeds things up any.
 
I didn't get any of the Fifa hack stuff on my account (only purchase was Rift).

But basically, Fifa 2012 has some card packs that can be bought and traded/sold or something like that. These have monetary value, so it gave hackers more incentive to steal people's accounts as they can buy these things and get money out of them apparently.

Others like me just had games bought, or Xbox live point packs purchased etc.

Edit: Some details on it here:

http://www.shacknews.com/article/71700/editorial-fifa-12-xbox-live-money-laundering
 
It would be interesting to see how many of the victims had simple passwords, fell for a phishing scam, fell for a deal that was too good to be true, pirated games and fell ill to a keylogger or something (assuming you logged into your XBL account on your PC) or gave out their password to somebody so they could get them achievements.

I doubt this was hacking in the traditional sense, in any case.
 
I certainly didn't give out any of my info anywhere, and I use a pretty strong password (meaningless string of letters, numbers and a couple symbols).

And I don't pirate anything, and I'm pretty careful where I surf to avoid spyware/malware. I tend to use my iPad for any websurfing to potentially suspect sites since it can't get viruses from websites.

So I have no idea how they got my info other than by stealing it from somewhere, be it Windows Live, XBL, EA (from their stupid accounts required for the Bioware games) etc.
 
Sounds like social engineering is still going on then. My advice would be to not include your real details in public profiles and things like that. My details are close to being true but ultimately fake.

But that's still not hacking in terms of cracking security or anything. It's manipulation.
 
Possibly, but I don't see where they could have gotten anything. My Facebook is set to friends only. And even if they could see everything on my Facebook, my password is a random string not related to any of my info. There's no where else on the net that I have my real info--beyond name, address and CC info stored in various online stores like Amazon.

In any case, I don't really care how or why it happened. I care that my account has been locked for over 2 months while they investigate and try to get it back to the US. Apparently they have to rebuild it all line by line of code as all the software licenses etc. get corrupted when migrated to another country. Bunch of BS that they had a way for people to migrate accounts without having an easy way to migrate them back in the event of accounts getting stolen.
 
I'm still sticking to my original theory that the hackings all have something to do with Xbox.com, since thats really the only thing I can think of that everyone thats been hacked has in common. I've heard of people with a ton of EA games played getting hacked, I've heard of people with absolutely 0 EA games played getting hacked. People with random passwords, emails, etc. Best thing I can think of for now is to avoid logging in to any site other than Live.com with your XBL info and always be sure to browse with Firefox and NoScript.
 
[quote name='dmaul1114']I'm back in town from the holidays at my folks, and still no resolution.

Filed the BBB complain, so we'll see if that speeds things up any.[/QUOTE]

After my account was hacked and resolved, I still didn't have my points back and they kept giving me the runaround. I filed a BBB complaint and got a direct email and phone call from Microsoft less than a week later. Problem solved. Squeaky wheel gets the grease.
 
[quote name='Mr Unoriginal']After my account was hacked and resolved, I still didn't have my points back and they kept giving me the runaround. I filed a BBB complaint and got a direct email and phone call from Microsoft less than a week later. Problem solved. Squeaky wheel gets the grease.[/QUOTE]

We'll see.

In the Giantbomb interview with the Xbox security team leader linked to in this thread (or maybe the other one on hacking here) he said anything like that was just coincidental and that they don't bump BBB complaints up to the top of the queue. But I figured that could just be PR to keep more people from filing complaints, so I figured I'd give it a shot anyway. Though there are some who've been waiting months on the Live support forums who have filed BBB complaints--so it definitely isn't a quick fix for everyone who files one.

That's interview is also where the info on the accounts being migrated to other countries being more complex and taking longer came from as well. From that and posts on the Live support forums, apparently those accounts can't just be migrated back and all of the account (licenses etc.) have to be rebuilt from scratch, line-by-line of code. Ridiculous.
 
I got hacked the other day. Person bought $120 worth of points with my paypal account. I had a minimal number of points in my account (less than 400), so I just filed a complaint with paypal saying someone made unauthorized charges. I changed my passwords/security questions/etc and made it so you have to have my password to log in to another console. I'm hoping Paypal will refund my money and I won't have to take this to Microsoft, because I don't really want my account locked out for months and I don't care about getting the 400ish points back.
 
[quote name='Mizzou75']made it so you have to have my password to log in to another console.[/QUOTE]

What did you change exactly? Don't you always need the password to log in to another console anyways?
 
[quote name='DOMINATOR912']What did you change exactly? Don't you always need the password to log in to another console anyways?[/QUOTE]

From here: http://www.xbox.com/en-US/Live/Account-Security/What-To-Do

Require a password to sign in from all consoles where your profile exists

If the person who compromised your account downloaded your profile to a console, they may have elected to not require a password to sign in. In this case, even after changing your password, they will still be able to sign in. To solve this, you will need to remove access to your profile from all consoles. To do this:

All consoles across Xbox LIVE will now require your freshly changed password to sign in.
Click to expand...
Basically it makes it so the person who hacked you needs to know your new password to log-in. Obviously if they figure it out they'll be able to do what they want, but assuming they don't, doing this makes it so no other consoles have access to your profile without knowing the new password. If I just changed the password and that person still had my profile on their console, they'd log in automatically even though the password is different.
 
Lesson learned from the past. Never ever give or put in your credit card or paypal account to your console and avoid at all cost giving your info to tech support or CS, where they can access your credit card or paypal info. I got unauthorized purchases and drained my card when I talked to MS tech support/Customer service. I don't trust them anymore. I gave all the information they asked, the next day...BOOM! drained my bank account. Thank God I got my money back... Now, I only use prepaid gold and points... No Credit Card anymore... It's not worth it to save a couple of dollars in exchange of credit card fraud. So much hassle...
 
Yeah I don't think anyone should be using a credit card with these types of services, its just too risky, and they will all be hacked eventually. Prepaid cards are available almost anywhere for these types of services, and are often available at a discount, so there is no reason to give MS your credit card info. I wouldn't trust my info with Sony, Apple or Nintendo either, because it will all be hacked eventually if it hasn't been already.
 
Still no progress on my account.

Checked the status of the BBB complaint I filed on 12/28. It wasn't processed and forwarded to MS until 1/3, and the status page says MS has until 2/17 to respond.
 
If you're anti-social like me and don't like communicating with people you can use the new xbox support chat to remove your CC from your account but according to the person I'm talking to you need a CC now to have a gold account and if you remove it you will forfeit any days left on gold. I had only 6 left so whatever

Well it's been removed and I'm still gold it might have been a bluff.
 
I got hit with something, but it wasnt FIFA related. I was playing AC Revelation, and when I decided to futz around the DLC, I noticed my points were all gone. Assuming they were expired, I check the billing page and notice someone decided to buy games like Fruit Ninja, Bejeweled 3, Sega Rally Online, and even 2 avatar items.

Freaked, I changed my password for email and windows live, and did the Profile Protection thing.

Called them up and they gave me the whole lockdown schpiel. Whatever, my situation should be easy to remedy because I had no cards or PayPal attached.

It's been a few days now (this happened on Saturday) and my account has not been locked down at all, so I've been using it normally, not downloading anything of course.
 
It took them a couple weeks to get mine locked down after I called. Purchasing ability was locked instantly, but since it was migrated to Russia it took them a couple of weeks to lock it down to where I couldn't sign into live or play online etc.

I thought for ones that didn't get migrated to another country the lockdown was instant though. But I suppose there's no reason to worry about it if you have no points left and no payment method attached to the account.

If it's not locked down in a week I'd give them a call though as that means they haven't started the investigation and you want them to get it going so you get the account back as soon as possible.
 
You must log in or register to reply here.
bread's done
Back
Top