Microsoft comes clean on XBOX Live security blunder

Microsoft was quick to deny that they had a problem with security measures on their XBOX Live service last week. That is changing as they admitted yesterday that some XBOX Live support staff have been giving away personal information over the phone without verifying the callers identity.

It seems that some malicious users have been able to access XBOX Live accounts by pretending to be that user, make up a story about how the information entered was fake and began information gathering. This idea was first raised when it was discovered people were bragging about doing something similar to this on a forum. Information was gathered one call at a time but eventually, they had enough to reset the password and Windows Live ID.

They are investigating the issue but have put to rest claims that as many as 10 XBOX Live accounts per day were being stolen. Microsoft says that simply isn’t true but are not saying exactly how many accounts have been stolen.

Though the powers at Microsoft were quick to say that this shouldn’t have happened and are going to reeducate call center staffers on proper procedure which may include revisions to their current policy. In related news, some areas experienced a XBOX Live outage on Tuesday which Microsoft has said is not related to the account theft.

• 

• Playstation Store security breached; some user info compromised
• Xbox Live fraud threatens Live dominance
• PSN accounts equal Xbox Live
• Microsoft bringing Xbox Live family subscription plan
• Xbox Live less stable than PS3 PSN?