Microsoft denies Xbox Live compromise

Stephen Withers
Thursday, 22 March 2007 10:53

Your IT - Entertainment

Microsoft responded to this morning's iTWire story about hijacked Xbox Live accounts by denying that either bungie.net or the Live network had been compromised.

A spokesperson said "Microsoft would like to reassure all of its 6 million Xbox LIVE members that despite some recent reports and speculation, the company has looked into the situation and found no evidence of any compromise of the security of Bungie.net or our LIVE network."

The company instead implies that any cases of individual accounts being compromised are due to users giving up personal information that could be used to gain access to their accounts, presumably by either guessing passwords or by posing as the accountholder in 'pretext' calls Microsoft's support line.

"There have been a few isolated incidents where malicious users have been attempting to draw personal information from unsuspecting users and use it to gain access to their LIVE account... We think this is a good time to remind Xbox LIVE members that they should never give out any of their personal information," said the spokesperson.

The statement did not address claims that tools exist that allow someone to gain control of an account just by knowing its owner's current IP address. We've asked the question, and will report the answer when we receive it.