fifa-hack
Latest
EA putting 'a lot of resources' toward preventing another 'FIFA hack' season
Electronic Arts made over $39 million in just three months off FIFA 12's Ultimate Team DLC last year – a 69 percent increase from the same period the year before – but it also created a lot of headaches for consumers (and us) with what came to be known as the "FIFA hack.""We learned a lot from the experience. A lot of companies are suffering from this right now. There's a lot of sophisticated hacking happening in the gaming industry and it's a continuous battle," EA Games president Frank Gibeau told us during Gamescom. "We take it very seriously, put a lot of resources on it. The learning from the FIFA example last year has been incorporated this year. There's some incremental and additional things. I don't want to get too detailed because I don't want to tip our hand. Rest assured, we take it very seriously."Gibeau said that EA did hire someone from Microsoft to add layers of security precautions and other anti-hack methods inside the publisher's products."You're never going to win this battle," said Gibeau, recognizing the company can only go so far. "The moment you declare victory, somebody will walk in and show you didn't. So you have to continuously stay on top of it and, most importantly, keep account integrity the first and foremost issue."So, should consumers feel more confident this year that they won't be hacked?"I hope that they do, and I think our performance will have to make them feel that way." He concluded, "We can promise it, but we have to actually show it."
Microsoft: Xbox Live security strengthened, sneakily started with spring update
Despite Microsoft working to ensure the security of its Xbox Live network, the company has encouraged users to check their security information and update their passwords in a community blog post today. It's a cruel (virtual) world out there, folks.It's all part of new security measures that Microsoft is employing, measures that began with the spring update issued last month. The update helped Microsoft "build on security enhancements for the near future," says Xbox Live general manager Alex Garden.Xbox Live took its share of security lumps this year, including claims of a FIFA hack and purported Windows Live ID problems. In the community post, Microsoft also provides some general internet security tips – in case you didn't know it was a bad idea to use the same password for every site you've ever logged onto.
XBL GM responds to Live security concerns
On the occasion of "Safer Internet Day" (what?) Xbox Live General Manager Alex Garden posted a letter in response to the ongoing Xbox Live security concerns, including the FIFA hack and Windows Live exploit.Garden attributed the problems to social engineering, phishing, keylogging software, and other reasons not endemic to Xbox or Microsoft. "While we here at Xbox have no evidence of a security breach in the Xbox LIVE service," he said, "that is of little comfort to our members whose accounts have been compromised by malicious and illegal attacks."He recommended personal security measures to guard against this, including adding additional verification methods to your account "and reducing the amount of personal information shared online or through social networks." Additional proof helps guard your info, he said, and also makes it easier for Microsoft to investigate cases and issue refunds. "We still have a few cases that are taking longer to fully recover and some refunds are still being processed," he said, "but we're making great strides. We hope our customers are experiencing the improvements firsthand."
EA, hackers win big off FIFA Ultimate Team
EA's increased revenues from FIFA 12's FIFA Ultimate Team DLC, coupled with our continuing coverage of consumer complaints over the "FIFA hack," stood out as awkward juxtaposition during EA's third quarter financial call yesterday."The innovation that makes this franchise so unique is FIFA Ultimate Team," President of EA Labels Frank Gibeau said yesterday on a call with investors. "In just three months, FIFA Ultimate Team generated $39 million in microtransactions. That's 69 percent more than it generated in the same period last year."Gibeau went on to say that because Ultimate Team is a microtransaction-based system, the company is able to generate a sizable number of big-spender consumer behaviors and it becomes a business that scales much more aggressively than other traditional DLC models.Chief Financial Officer Eric Brown added, "To put some rough numbers on this, if we compare the total digital revenue from FIFA 11 Ultimate Team to what we expect from FIFA 12 Ultimate Team in this fiscal year, we're looking to see a 25 percent increase franchise to franchise. The overall package goods units sold is not increasing by 25 percent year over year, so we are expanding by a decent margin the microtransaction revenue per user of FIFA."We continue to receive complaints nearly every day of non-FIFA players having their accounts hacked to purchase Ultimate Team DLC. EA previously responded to this by saying that "a small number" of gamers continue to report being impacted by fraudulent activity related to FIFA Ultimate Team on Xbox Live.
Microsoft adjusts reported Live ID security concern
Microsoft has quietly altered its Windows Live ID login in response to a reported security concern. Last week, a brute force hack was exposed, with Microsoft's phrasing of error codes and infinite attempts to access accounts helping hackers along. The security flaw gained more exposure due to the ongoing "FIFA hack" and related security concerns. "Before it would just let you try over and over," Jason Coutee, the IT consultant credited with exposing the flaw, wrote Joystiq. "But now ... they handle the sign in request on the server in a way that it will stop replying after about 20 attempts." Coutee feels that Microsoft tightened the security, but didn't make any noticeable changes on the front end. "Good news is that at least they lengthened the time it would take to brute force Live IDs." Microsoft notes that the exploit was not a loophole in Xbox.com, but a brute force attack that is an "industry-wide issue."
Windows Live login suggested as Xbox Live security flaw
Since reporting on the "FIFA hack" and related security concerns with Xbox Live and the Windows Live ID system, we've received stories, documentation and theories on how this is happening from dozens of victims. As we continue to follow up on several leads, Analoghype posits an interesting theory on how some of these breaches may be occurring. AH suspects that the hackers grab gamertags from a game of Halo or Call of Duty, then Google the tags to find associated emails on social networking sites. They now have a potential list of Windows Live IDs. Going to Xbox.com, the hacker can now test if the email is a valid ID by attempting to sign in. An error message of "account is invalid" has them moving on to another email; "password is incorrect" means they've got a real account, but a bad password.
Xbox hacking victim tells her story, fights for others
In the current rash of Xbox Live hacking stories, Susan Taylor's might be the most interesting. Like many Xbox Live users in recent months, Taylor one day found that her Xbox Live account had been hijacked, and hundreds of dollars in Microsoft Points and Xbox Live subscriptions had been purchased, draining money directly from her linked bank account. And, like many others, the following days were consumed by calls with Microsoft support, attempting to get her stolen money returned and her Xbox Live account safely reinstated. Her story has many other wrinkles, including a second massive purchase, despite Microsoft's word that her account had been locked, and her own detective work into discovering exactly who had stolen her account and why. Suffice it to say that Taylor's story has a happy ending -- no doubt thanks to a hefty amount of public exposure -- though it certainly wasn't an easy process. Inspired by her experiences, Taylor has founded HackedOnXbox.com, on which her story is recounted and others are invited to share their own. We fully suggest you read Taylor's account of events, and don't forget that Joystiq is still investigating the issue as well. Be sure to contact us if you have any information.
Xbox Live 'FIFA hack' concerns continue to escalate, Microsoft states Windows Live ID not compromised
Additional reporting provided by Xav de Matos, Senior Editor for Shacknews. Following an increasing occurrence of Xbox Live account hack reports, we are growing concerned over Microsoft's Windows Live ID system, the only layer of protection between a hacker gaining access to a person's Xbox Live account and their information. In our research, the only consistency we saw across users who were hacked was the general inconsistency of what email and payment method was used on their account. Hotmail, Gmail and school emails were used for their Windows Live ID, while payment methods used were credit cards and PayPal. Other than a compromised Windows Live ID, there wasn't a common thread we could identify. It's been several months since we started following the "FIFA hack," a rather blunt scam that saw Xbox Live accounts drained so thieves could purchase in-game FIFA 12 'Ultimate Team' cards for use and sale. We have been tracking the FIFA issue and following up on other tips that weren't necessarily rooted in the FIFA hack, but related in that users saw exploitation of payment methods tied to their account. A recent Shacknews editorial detailed accounts compromised by the FIFA exploit.
