Latest Updates

Xbox Live users having their accounts hacked and used for FIFA purchases

Posted at 18 October 2011 02:00 CET by etdragon

A slew of Xbox Live users are reporting that their accounts have been hacked and used to purchase content for either FIFA Soccer 11 or FIFA Soccer 12. Microsoft has responded, rather slowly, to these reports by locking down affected Live accounts for as many as 25 days to investigate the fraudulent activity.

One gamer blogged his story of his hacked account and his interactions with Microsoft trying to revolve the issue.

“Sure enough, all of the Microsoft points that were stored in my XBL account had been spent on in game items for FIFA 11(I don’t own that game… hell, I don’t even like soccer video games) and whoever spent my MS points had then tried to purchase more. Presumably, when that purchase failed, they abandoned my account and went on to steal from some other unsuspecting gamer.”

A Reddit thread was also started by another gamer to voice his frustration with Microsoft’s slowness to respond to accounts of hacking.

In all of these accounts the story is largely the same. A Xbox Live user will find a bunch of fraudulent FIFA 11 or FIFA 12 purchases on their account via email confirmations of purchases, missing Microsoft Points, or charges to their credit card. When those users contact Microsoft about the issue their account is locked down so Microsoft can investigate. Microsoft claims it takes 25 days to investigate a claim like this and they need the credit card information on file with the account to remain there for the duration of the investigation.

Neither Microsoft nor FIFA publisher EA is taking responsibility for a security breach. Microsoft responded to Ars Technica’s request for comment by issuing the following statement,

“We do not have any evidence the Xbox LIVE service has been compromised. We take the security of our service seriously and work on an ongoing basis to improve it against evolving threats. However, a limited number of members have contacted us regarding unauthorized access to their accounts by outside individuals. We are working with our impacted members directly to resolve any unauthorized changes to their accounts. As always, we highly recommend our members follow the Xbox LIVE Account Security guidance provided at to protect your account.”

While it is possible that Microsoft or EA isn’t having a security issue, the account information is coming from somewhere. It’s possible the hackers are reusing login information obtained from another database. The real issue isn’t how the hackers are getting login information but instead how Microsoft is handling it. Taking 25 days to investigate a claim like this when a large number of users are reporting the same problem is excessive. Even more annoying is the fact that getting a credit card off your Xbox Live account requires a call to Microsoft instead of a few simple clicks on the account management web page.

There needs to be an easier way to get credit card information off your Xbox Live account and a faster process for investigating claims like this. Waiting nearly a month to get resolution on fraudulent charges is insane. Was your account hacked for FIFA downloads? If it was tell us your story in the comments including how your interactions with Microsoft went down.

Click for more news

game consolespiracy

Click to share

There are 4 comments

New Member
Posted on: 19 Oct 11 13:59
    Found out mine was hacked this morning and phoned Microsoft. They say it can take upto 20 days to investigate which is not good when Battlefield 3 is due out next week so I won't be able to get on. Why they need to take 20 days to investigate it is beyond me. I wish I could find out who it was that did this as well.
    MyCE Resident
    Posted on: 19 Oct 11 20:29
      Typical Microsoft buffoonery. And its disgraceful the lack of security keeping Xbox Live users credit card numbers on file the way MS does and having it displayed on my TV when I go to purchase content.
      MyCE Senior Member
      Posted on: 20 Oct 11 03:36
        brocklaser, that's awful. I keep checking my account just to be sure. For my reference did you previously share the user name and password combo you use for Live for any other service?

        It's really likely these logins are coming from somewhere else and not a breach of Microsoft's security but without some help from MS or EA we'll never know.
        New Member
        Posted on: 20 Oct 11 09:27
          I never give out my usernames or password and am always careful to not open emails that look dodgy. I don't even really use my live account it is just there for the xbox account.
          It does suck but the support guys were very freindly and although it may take upto 3 weeks to sort at least they have freindly and understanding staff.

          Post your comment

          You need to register before you can comment

          Like us

          Most popular headlines

          Android 5.0 Lollipop contains serious SMS bug on Nexus 4, 5 and 6

          Users on the Android Issue Tracker report a SMS bug in Android 5.0 Lollipop runn...

          Intel reports breakthrough in SSD costs - to release 10TB SSDs

          Intel plans to release SSDs based on 3D NAND in 2015 with "disruptive cost&...

          VirusBulletin tests 48 antivirus scanner for Windows 8.1 - Avast doesn't pass

          Antivirus test organisation Virus Bulletin has tested 48 virus scanners for Wind...

          Microsoft's recent SSL patch causes issues - update system remains seriously flawed

          An important update Microsoft released last Tuesday fixing a critical vulnerabil...

          Windows 10 build with kernel version 10.0 pops up - OneCore ready?

          The Chinese website and Russian AngelWZR report that a new build...

          See all headlines

          Community Activities