Full Disclosure mailing list archives
Re: Xbox live accounts are being stolen (is thetraining working?)
From: "Jay" <jay.tomas () infosecguru com>
Date: Thu, 9 Aug 2007 12:20:17 -0400
This list is about Full Disclosure, exploits vulnerabilities etc. Noone gives a rat arse whether some whiny n00bz cant play Halo. Find another list to gripe about customer service issues. Futhermore there isnt any proof provided that ppl didnt get compromised by getting phished themselves. I'm sure the same mindless twitz that are whinning here have to have a myspace account spilling all their personal information anyway. Jay ----- Original Message ----- From: Kevin Finisterre (lists) [mailto:kf_lists () digitalmunition com] To: scothir () microsoft com Cc: full-disclosure () lists grok org uk,amwilson85 () gmail com Sent: Thu, 9 Aug 2007 11:44:50 -0400 Subject: Re: [Full-disclosure] Xbox live accounts are being stolen (is thetraining working?) Which is fine... I was more than anything pointing out that this individual still chose to ignore company policy. And being stereotypical it sounded like the *same* call center I called into before, so if she is doing it I am sure others are as well. Hopefully she had minimal access to personal data. And I guess I was also highlighting the fact that no one was really paraded around for us to tar and feather for stealing accounts. Did you guys actually catch someone or did they get off Scott free? This issue had honestly been out of my mind for some time, I was quite surprised to hear of it happening again. -KF On Aug 9, 2007, at 11:26 AM, Scott Hirnle wrote:
Hi Kevin, For Hardware calls, we don't verify the same information as we do on Live calls. The reason for this is because some people (in fact many people) who call into the hardware queue are not even Xbox Live customers. Therefore, they don't have the same data to verify against and as a result, our agents don't have visibility into it and our entitlement process is different for each line of business. Scott -----Original Message----- From: Kevin Finisterre (lists) [mailto:kf_lists () digitalmunition com] Sent: Thursday, August 09, 2007 8:21 AM To: full-disclosure () lists grok org uk Cc: Ashley Wilson Subject: Re: [Full-disclosure] Xbox live accounts are being stolen (is the training working?) I find it kind of ironic that my Xbox broke last night after an update and I am now on the phone with a Xbox live representative. After the whole stolen accounts fiasco I remember calling in an having techs flat out refuse to work with you until you verified your full name, address, phone number, gamer tag, xbox console serial number and email address used on the account. I just finished talking to a tech about my xbox after only giving her my First name, Address and Phone number (I couldn't give my serial because my xbox is not near me). After asking to speak with her supervisor about some other issues I asked him to remind me of what information should be verified prior to speaking with someone. He told me that "First and Last name, Address, Phone Number, Email and Serial Number had to be verified and if any one item was missing or not available to be verified via other means" then they have been instructed to not speak with you. I asked him what happened with Gamertag verification and he stated that only applied to Xbox live issues and it was not verified for Xbox console issue. I didn't bother telling him the tech that passed me on to him didn't quite verify all the data, I simply said thanks and hung up. At the very least this may help illustrate that no amount of training can fully curb human behavior. The tech I talked to had no problem ignoring the lack of serial number and email address on my account. So Ashley... yeah I guess it is entirely possible that accounts *can* still be stolen. Hell for all I know it could be the same kids since no one was ever produced as the culprit of the previous caper. Good luck! -KF
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Xbox live accounts are being stolen (is thetraining working?) Jay (Aug 09)
- Re: Xbox live accounts are being stolen (is thetraining working?) Kevin Finisterre (lists) (Aug 09)