How I was hacked -- a tale of hijack, XBox Live and FIFA trading cards

[InfoSec News <alerts () infosecnews org>]

http://venturebeat.com/2011/12/04/how-i-was-hacked-a-tale-of-hijack-xbox-live-and-fifa-trading-cards/

By Dan Crawley
GamesBeat
December 4, 2011

This week, my Xbox Live account was hacked. This is the story of what 
happened, my response to it, and the questions about security that it 
has raised.

The hijack

At twelve minutes past midnight on Tuesday night, just as I was 
finishing up some work, I received an email to say that I had purchased 
6,000 Microsoft Points. My first thought was to laugh it off as spam, as 
I hadn’t bought any points for months, but I thought I should check my 
console anyway. On switching on my Xbox, I found that I could no longer 
access my account.

A quick Google search revealed that other Xbox users had been 
experiencing similar problems, and I realized that my account had been 
compromised. I tried to contact Xbox Live support, but its helpline was 
unhelpfully shut for the night.

Trying to think clearly, despite my somewhat bleary late-night state of 
mind, I logged into my Microsoft account on my PC, and changed the 
password. I then went through the process of recovering my Xbox Live 
account on my console dashboard, which involved entering my Windows Live 
ID and the new password. On seeing my account again, I was relieved, but 
also surprised to note that it had been used to play FIFA 12, the 
popular Electronic Arts soccer game.

[...]

_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn