Xbox Live Security Update

Caporegime
Joined
11 Nov 2002
Posts
84,086
Location
Barcelona
Hi,

Just thought I would link to this article/piece that appeared on www.majornelson.com yesterday.

I think last week there were some press stories stating thata people's acounts had been hacked or something like that. I think at the time some people thought it was just some Sony propaganda or soemthing.

It turns out that some people are using "Social Engineering" tactics to get the xbox live support staff to cough up enough of your details for them to then nick your account.

Sounds like some people hate to lose so badly that they try to steal your account!!!


----------------------------------------------------------------------
Xbox Live Security Update

Earlier this week when I first heard about the "Xbox Live network hacked" story, I checked with the people on our end, and then posted about it. As originally posted, Xbox Live has not been hacked. That is still true. A security researcher, Kevin Finisterre, discovered not a hack, but the fact that some accounts may have been compromised as a result of 'social engineering', also known as ‘pre-texting’, through our support center. Kevin gave me a call directly and once I realized what he was talking about (he sent me some painful-to-listen-to audio files) I confirmed that the team is fully aware of this issue. They are examining the policies, and have already begun re-training the support staff and partners to help make sure we reduce this type of social engineering attack.

There's no other way to say it; this situation shouldn't have happened. Our customers deserve better.

The Xbox team takes what happened and the resolution of it very seriously. I also wanted to let you know that we've posted a page on Xbox.com 'Troubleshooting Access to your Xbox Live Account' that can help you if you have questions. Finally, I chatted with Kevin earlier today and thanked him for bringing this issue to our attention. I also let him know that we have a much better understanding of this issue and that we are reviewing the processes in place to help prevent this in the future.
------------------------------------------------------------------------

Source: http://www.majornelson.com/archive/2007/03/23/xbox-live-security-update.aspx


rp2000
 
Not sure if that post has anything to do with the dash update though as they specifically say that the system itself hasn't been hacked and it was purely down to their staff messing up :confused:
 
Phil99 said:
Not sure if that post has anything to do with the dash update though as they specifically say that the system itself hasn't been hacked and it was purely down to their staff messing up :confused:

Yeap, the system hasn't been hacked.

The downtime tommorrow is just for maintaince and updates, but not the Spring dash update - that's coming later.
 
Wrathamon said:
Yeap, the system hasn't been hacked.

The downtime tommorrow is just for maintaince and updates, but not the Spring dash update - that's coming later.

I've heard they're completely changing it.

Nothing wrong with it as it is TBH.
 
Phil99 said:
Not sure if that post has anything to do with the dash update though as they specifically say that the system itself hasn't been hacked and it was purely down to their staff messing up :confused:


The downtime tomorrow and the forthcoming spring Dashboard update are not linked to this.

There is no actual fault with the live servers. The people who are calling up the Live Support team just try to "trick" them into giving away enough details to reset your account.

More a human error than a technology related error I'm afraid.


rp2000
 
Back
Top Bottom