MSFT exposes account data to domain squatters
Someone really goofed on this one. Here's how Microsoft is encouraging people with Xbox Live account issues to email domain squatters with their personal account information.
Step 1: Visit http://www.xboxlivediamond.com/
Step 2: Enter a gamertag that's already taken. Joystiq works for this purpose.
Step 3: Notice the error message that says: "We're Sorry!!! That GamerTag has already been registered" Notice the following instructions: "If you believe that someone else has registered with your GamerTag, please send an email to support@xboxdiamond.com."
Step 4: Notice that xboxdiamond.com is registered with domain squatters. Oops! Hope nobody sent their Xbox Live account information (password, credit card information) to that email address! We further hope that whoever's receiving the deluge of emails isn't impersonating Microsoft and soliciting this information from Xbox Live customers.
The domain recently changed hands on eBay. The auction can be found here, including the following text from the seller, which essentially proves that the registration was motivated by squatting:
"This can only mean Microsoft had planned on buying XboxDiamond.com as a domain to use for support. Now that I took it first-- it means Microsoft will pay BIG BUCK$ to get it back! Buy it now-- and then sell it to them! Only reason I am selling is I need to pay off some holiday stuff-- and need to get the money asap! Good Luck this is a once and a lifetime domain!"
Let's hope the new owners are a little more scrupulous than the guy or gal that offloaded the domain on eBay.
