XBLA users report unauthorized purchases, hackers leave FIFA achievements to mark their crime

An unwelcome reminder of 2011's PSN attacks came for a number of Xbox Live users this weekend, as multiple reports concerning compromised account details, unauthorized purchases, and transfers surface. Reports from affected users suggest the attacks follow a fairly recognizable pattern, but if you're an XBLA user with credit card details stored on the service, your first stop should be to check the email address tied to your account.

The breach differs from the attacks of earlier this year, as those incidences were characterized by the release of data rather than the exploitation of hacked credit card details. This time, hackers have been purchasing Xbox Live Gold time and MS Points then transferring them out of the afflicted accounts, report users on NeoGAFand Reddit. In many (but not all) cases, the attacks have also involved intruders playing and unlocking achievements on FIFA 11 or 12 to mark their presence.

Ars Technica has Microsoft denying that the XBLA service has been compromised, though the company acknowledges it's working with a “limited number” of users to resolve data breaches and unauthorized activity. If you think your account may have been compromised, Microsoft recommends visiting the XBLA account security page.

Oct 17, 2011


  • jmcgrotty - October 18, 2011 5:42 a.m.

    These things are going to just happen more and more often, since there is a false impression on site security, in regards to phishing. People always talk about how secure a password is and the importance of it, but it's meaningless if you have a stupid security question (for example, Paris Hiltons hint was "tinkerbell" and the question was "what's your pets name?" An easy-to-find answer). People may change their password all the time, but they don't think of changing their security question.
  • jmcgrotty - October 18, 2011 5:43 a.m.

    Edit (not that it matters): Hiltons hnt was "what's yoru pets name" and the answer was "tinkerbell". Opposite of what I said above.
  • EBAX1 - October 17, 2011 5:56 p.m.

    I don't mean to sound like a douche, but that'll hopefully teach a lot of the more fanboyish xbox users to think before starting flame wars over the psn breach
  • Scoob - October 17, 2011 6:12 p.m.

    Though the details are sparse here, this looks different in that it's just accounts that were compromised in the same way that an account on other storefronts such as Amazon could be. This could have been as simple as a phishing attempt, or someone having keylogger viruses on their computer. The PSN breach affected the entire network and was an organized attack on the system putting the data of millions of people at risk. I doubt it would stop the more fanboyish users from ragging on the PSN. I think we're just going to see more PS3 fanboys all over this acting like it is as bad as the PSN breach was.
  • angelusdlion - October 17, 2011 6:50 p.m.

    this.. ^
  • MidianGTX - October 17, 2011 7:27 p.m.

    Well at least PSN was hacked by professionals!
  • Elwaldorf - October 17, 2011 6:43 p.m.

    This actually happened to my roommate earlier this year. Contacted the security page and they responded back pretty quickly, they downside was they suspended his account for 2 weeks but came back with no charge on him and if I recall extra MP points. It should be known Xbox Live could get attack just like PSN did, its a sad fact. IMO, I believe Microsoft just has their act together on it.
  • Broken360 - October 17, 2011 5:39 p.m.

    Here we go again!

Showing 1-9 of 9 comments

Join the Discussion
Add a comment (HTML tags are not allowed.)
Characters remaining: 5000