IGN recently reported on a potential security exploit that was happening on Xbox.com which acts as a loophole for password thieves in order for them to gain access to many Xbox LIVE Accounts. As a response to that report, Microsoft insist that “This is not a ‘loophole’…” and the hacking technique outlined is an example of brute force attacks which is an industry-wide issue.
Quoted by Microsoft:
“Microsoft can confirm that there has been no breach to the security of our Xbox Live service. The online safety of Xbox LIVE members remains of the utmost importance, which is why we consistently take measures to protect Xbox LIVE against ever-changing threats. Security in the technology industry is an ongoing process, and with each new form of technology designed to deter attacks, the attackers try to find new ways to subvert it. We continue to evolve our security features and processes to ensure Xbox LIVE customers information is secure…”
The main cause for concern for Microsoft with gamers seems to be common scams and phishing schemes which steal your account. This make it look like you’ve been hacked, but actually you have unknowingly provided someone with all the correct information they need to access your account. There is an Xbox LIVE Account Security check list which provides a great deal of information on how to keep your account secure and the type of scenerios in which your account may be compromised – hit this direct link for more information.
An example of a current known phishing scam can be found by reading our own experience here.