An interesting report surfaced earlier this week claiming that hackers can pull credit card information off your old Xbox 360 hard drive. This news came as a bit of a shock as it claims that even formatting your hard drive will not entirely wipe the data off the storage device.
As reported by Kotaku, an ongoing study at Drexel University lead by researcher Ashley Podhardsky has revealed that credit card data can be retrieved off old Xbox 360 hard drives. Podharadsky revealed that Microsoft does a good job at projecting its own proprietary information on the console, but doesn’t take steps to protect user data such as credit card information.
As part of the research study, the group obtained a used Xbox 360 hard drive from a retailer and installed some hacking tools. The group was easily able to retrieve some files with credit card information.
Jim Alkove, GM at Microsoft security responded to Joystiq, stating that they are conducting their own investigation into the matter. According to Alkove, the Xbox 360 is not designed to store credit card data locally on the console. However, things are not usually as straight forward in cases where data is kept in memory before transmitting to a server.
For most, this should not be a major concern unless you have traded in your old Xbox 360 at Gamestop. It seems like the recommended course of action is to keep a scorched earth policy for now with your old hard drives until things are sorted out on Microsoft’s end.