http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/ Engadget Comments for Microsoft admits uptick in Live account hacking, writes it off to social engineering http://www.engadget.com/media/feedlogo.gif http://www.engadget.com en-us Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only. Blogsmith http://www.blogsmith.com/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Mar 21st 2007 11:43PMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Mar 22nd 2007 12:02AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.internetnews.com/security/article.php/3667201

So what do you have to say to that?]]>Mar 22nd 2007 12:42AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Mar 23rd 2007 2:02AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Mar 22nd 2007 12:16AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Mar 22nd 2007 12:34AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/
I should say that they haven't stated at all that there has been an increase (in fraud), only that there have been reports of an increase and that they are looking into it. Reports of increased fraud do not not equal increased fraud when bloggers and the internet are concerned. I really do think this issue has most likely been blown up far beyond any realistic degree.

I thought I might also reprint the conclusion to the cnet article, restating that it may be a new phishing scam which agrees with Major Nelson's assessment and, if true, would account for some uptick in fraud.

"While some users believe the security of Xbox Live was breached, others suggest that users were tricked into giving up enough information while in a game so fraudsters could call Microsoft to change the account information. Users may also have been duped into giving up their account information through phishing scams."

]]>Mar 22nd 2007 12:34AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/
I just wanted to put things into prespective before things went crazy. I've been following the story, and it does look like a much smaller event than previously imagined by various bloggers. Rumors just travel so fast on the internet and seem to get amplified to hysteria before any real research can even be done to confirm or deny.]]>Mar 22nd 2007 12:43AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Mar 22nd 2007 3:09AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Mar 22nd 2007 10:48AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/
I thought the two writeups (this and the source from their sister blog "joystiq")were somewhat amusing in their differing opinions. While this author wrote with a very suspicious and unbelieving tone, joystiq was completely different. I doubt there's a hidden bias, just an honest difference in approach to the story, but I thought I would share a bit of the joystiq article for the lazy (there are many).

"Major Nelson has issued a statement dismissing recent reports that there has been a collapse in security with Xbox Live and Bungie.net. Nelson says, "Despite some recent reports and speculation, I want to reassure all of our 6 million Xbox Live members that we have looked into the situation and found no evidence of any compromise of the security of the Xbox Live Network or Bungie.net."

Nelson goes on to say that there have been "isolated incidents" where users are trying to gain personal information. Microsoft is offering a PDF on how to protect yourself against identity theft. Seriously though, it's the internets, there are predators out there trying to steal your identity. Don't ever give someone your passwords or personal info."

Amusing, eh?

Full disclosure, I'm a mac(book pro) user who owns an xbox, so my take might be tilted somewhat.]]>Mar 22nd 2007 12:57AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Jul 3rd 2008 2:33PMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Mar 22nd 2007 4:04AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/
I am curious to know what the Live system in so insecure compared to other Microsoft websites. For anyone with more than a handful of paranoia could be put to rest by signing up using a credit card and then three or more days later having the issuer issue a new card.]]>Mar 22nd 2007 5:49AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.shacknews.com]]>Mar 22nd 2007 8:37AMhttp://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/http://www.engadget.com/2007/03/21/microsoft-admits-uptick-in-live-account-hacking-writes-it-off-t/Mar 22nd 2007 10:31AM