This question is answered
LOCKED

Account Hacked?

  • Level   2

About 6 days ago I received an email saying that I had added another e-mail address ([mod removed]) to my Windows Live Account, which I had not.  I clicked the link saying that I had not authorized that e-mail address and I didn't think anything about it.  Today I turn on my 360 and I get the error message that "Your Xbox LIVE membership information isn’t valid. Please use a profile that contains a valid membership or recover your profile from Xbox LIVE." 

I go through the steps to reset my password, which seems successful, and try to login.  I login, but I have a different gamertag, CurlierImps61816, instead of Bags5484.  I'm trying not to freak out and am telling myself that it's just an issue with the xbox live status having a service alert.  Anyone have any thoughts?  Thanks in advance.

Verified Answer
  • Indeed, it was compromised.  $125 was charged to my account.  A very nice lady on the support line helped me get everything straightened out, unfortunetly it will take 3-4 weeks to get things fully resolved.

All Replies
  • Indeed, it was compromised.  $125 was charged to my account.  A very nice lady on the support line helped me get everything straightened out, unfortunetly it will take 3-4 weeks to get things fully resolved.

    • Level   1

    I feel your pain. I was recently hacked yesterday (though luckily, did not get a name change), and was charged $75 in MS points. When I called customer service, a nice guy helped me out and explained that they could do the investigation (which takes 3-4 weeks) but that it also meant I'd be locked out of my account during that time frame.

    I decided to just eat the charge (I need the Netflix with no cable at the hosue), but have my credit card removed. I then noticed I had to recover my gamertag as well, which I did, then watched an episode of a TV show on Netflix. After the episode was over, I encountered the same error, so I recovered my tag once again, then changed the password.

    Then today, everything has been working great, but I noticed my MS point total being much lower than it was. Checked my download history and discovered 5 different XBLA titles downloaded, obviously none to my console. Called back just a bit ago, decided to go through the investigation.

    I'm a bit disheartened over the security breach, and probably will never purchase anything digitally over XBL again with a credit card, but I do have to say the customer service people are very well tempered, nice, and have understanding attitudes.

    • Level   1

    I actually had this issue yesterday, on this very account. At 5am, someone hacked my account, bought exactly $125 in points, then drained all of them on random games. Then the hacker proceeded to change the live email to one he has made. The problem is he failed to remove my primary email (a gmail account protected by 2-step verification) as the secondary email for the account. Because of this, I used the "I did not approve this" link, and stole his email, and moved my xbox live account to a brand new, secure email that I created.

    It's been a big hassle, but Xbox support reccommended that I do NOT go through with an investigation since I informed them my bank was on it as well, and it would be much faster to just let my bank contact Microsoft, rather then the other way around.

    I don't know why Xbox Support gets such a bad rep for phone support, and the whole 21 day thing. It was really quite good for me.

    • Level   S
    • Suggested Answer

    If your account is compromised, you need to call up phone support (support.xbox.com/contact-us) and ask to open an Unauthorized Access Investigation (UAI) and don't get off the phone until you do. This will lock your account during the investigation, and the process can take upwards of 30 days to resolve, sometimes longer in more complex cases.

    • Level   1

    I think everyone is aware of this, and that stock answer, which isn't a false answer, but just an answer everyone uses to avoid addressing the bigger problem. The bigger question is why multiple accounts over the past week are getting broken into. This has nothing to do with LulzSec hack of a bunch of random accounts, because I was not on that list, and got broken into anyways.

    I've read over forums for the past couple of days where users are getting points cards bought on their account, immediately spent, and if they're unlucky, their account ID transferred.

    Go ahead, look up on twitter for "xbox live hacked", and look at the most resent results. Do the same thing on google for stuff posted this week. It's not a widespread attack, but a growing one.

    • Level   S
    • Suggested Answer

    While I have no knowledge of any "attack", widespread or otherwise, we have posted some more information about account security, types of account theft, and what you can do to prevent it and respond to it. You can get that info here: www.xbox.com/.../Account-Security

    • Level   1

    I had the same thing happen to me with the same email address. spent some time on the phone with xbox live support and they have to do an investigation. down for 24 days but being handled...   hope that [mod removed] gets what's coming...

    • Level   8

    I'd say this was a lone gun picking off what he can get rather than some mass attack. There's been a few originating from that e-mail provider going by the posts on here but not mass attack numbers.

    Ryder Cup: 10-6 up and you blew it? hahahahahahahahahahahahahaha.

    Oh wait you serious? Let me laugh even harder BWAHAHAHAHAHAHAHAHAHAHA!

    • Level   1

    Same exact thing happened to me. My account has been under an investigation for a week and it will take around 25 days to get resolved. They charged $125 worth of points to my account. Just make sure you contact customer support and HEAR THEM SAY that they are opening an investigation. Also be sure you get a phone number from them to call so you can keep up with what is going on instead of relying on emails.

    • Level   1

    i had the same problem with my account today, they bought 6000 points plus 4 games and a total of 264 bucks and some change.

    • Level   1

    Figured I'd mentioned that I also had my account hacked by the same email address.  I noticed it about 30 minutes after it happened.  Fortunately, I haven't used Xbox Live to purchase anything in awhile and my CC had expired.  So the transactions just bounced harmlessly.  I still put in a call to MS to have an investigation done.