Announcement

**Matt** · 06-11-2011, 10:18

I'm getting the impression this is kind of a "hack an account, load titles on a new 360 and sell it" deal.

My "name" had changed to JOHN WALKER, location BBG, and in bio is said "SIEHE OBEN ^". They'd even set the motto as "BF3 <<3" and changed my picture.

Because of how Live works, once the person goes online, my ChainsawFilms live account won't sign in, they can't recover it without or change the password now, so those games they downloaded [I believe] will not work anymore. Makes little to no sense why someone would do that just to gain access to titles unless they either were never going online or it was being sold on. The fact someone took the time to change name and other info, as if it's their console / account... it's stupid.

BTW, they also changed my security question on Live, which I've subsequently changed back.

**EvilBoris** · 06-11-2011, 10:33

Most likely thing is they just changed your password on the .net website then purchased things through Xbox.com.

As soon as your account gets recovered on another machine it won't allow the old one to ever sign in again (you can't have an account copied on multiple machines)
Those games will still work on their machine with or without your account, they may of even done the hack just to get those games on demand.

Bit of a ****e thing to happen, but I'm sure it'll be sorted out for you.

If you haven't already it is worth searching this document

Random gaming forums (50k users) (2)

http://www.mediafire.com/?3l4e35633djzgf9

MediaFire is a simple to use free service that lets you put all your photos, documents, music, and video in a single place so you can access them anywhere and share them everywhere.

to see if your username or email feature amongst the 55,000 of details hacked from random games forums and the 550,000 sets of username,emails and passwords that got hacked from EA's Battlefield Heroes.

**Escape-To-88** · 06-11-2011, 11:22

Thanks EB. I'm not on the list, but noticed when I tried to sign in for Windows Live on the P.C version of Arkham Asylum it said an update was avaialble yesterday - is this a security update?

**'Press Start'** · 06-11-2011, 12:11

I noticed my bro's gamer tag had changed and he had been playing fifa 12, my brother would never play fifa so I informed him he had mostly likely been hacked. He checked his bank and yup, he got ?250 rinsed from his account. He had just come back from holiday so had no idea the money went. Call MS and the police and got it sorted.

I told him Point cards or Credit card only online. He now listens to his little brother!

**Matt** · 06-11-2011, 12:45

12:54 today - emails arrive confirming my "purcase" of titles yesterday. So I guess it could of been worse if I hadn't noticed to quickly. It's only been since BF3 I've been back online regularly, otherwise they could of done far worse.

**Matt** · 06-11-2011, 12:49

Originally posted by EvilBoris View Post

If you haven't already it is worth searching this document

Random gaming forums (50k users) (2)

http://www.mediafire.com/?3l4e35633djzgf9

MediaFire is a simple to use free service that lets you put all your photos, documents, music, and video in a single place so you can access them anywhere and share them everywhere.

to see if your username or email feature amongst the 55,000 of details hacked from random games forums and the 550,000 sets of username,emails and passwords that got hacked from EA's Battlefield Heroes.

I'm not on that list.

I appreciate the ultimately it was my fault they got my password, it wasn't unique to Live so must of came from pilfering elsewhere. I'm just not happy that automatic checks didn't pick this up until it was too late, and I'm really pissed I can't game online until this is sorted.

**EvilBoris** · 06-11-2011, 13:16

I guess the issue is they don't ask for the card security number like many online shopping sites do, so once you are through the account you are home free

**Neon Ignition** · 06-11-2011, 14:56

It's not even limited to this, despite the earlier scandal about PSN I trust XBL much less. Having your account hacked simply seems to be more likely than with PSN. Sony's issue was the scale but XBL seems to get a constant stream instead. I had my XBL hacked last week with my points disappearing. Thankfully, my bank details and paypal aren't joined to it so they didn't get anything else and I was able to switch accounts to a new ID but the problem with it all is the reliance on the utterly useless Windows ID

**Matt** · 06-11-2011, 16:10

If you look around, it seems the number of people actually "robbed" by the PSN hack is zero. Live does seem to have quite a few incidents of this going on. I'm not saying it's their fault, but I'd like more checks in place to pick up on this, and a faster resolution (seriously, it can't take more than 2 minutes to check console IDs and worki it out).

**EvilBoris** · 06-11-2011, 18:13

**EvilBoris** · 06-11-2011, 18:44

So it turns out it was EA that was hacked.... again.
Well it wasn't even a hack , more of a totally idiotic web coding issue.

This is how it went

origin.ea.com

"I've forgotten my password"

[email protected]

then in the address bar something like this will appear will appear

origin.ea.com/forgottenpassword.php&20SEND_PASSWORD_PASSWORD_TO_ [email protected]

All the "hacker" needs to do is change that email address to theirs, and they will receive your password for the EA website.

pop that all into xbox.com
BANG

paypal.com
BANG

Ebay
BANG

Amazon
BANG

PSN
BANG

just like that.
EA seem to be aware of it now, which is why the password reminder thing is not working anymore.
This will probably be responsible for the current wave of "hacking", but if your password ever gets extracted from any other random website, then you leave yourself open to this.
Cheers to Family Fry for point this out.

I need to go and change mine now, I think my origin account was a more recent variation of my most used password

**Matt** · 06-11-2011, 18:48

Yep, I had the same password for both Origin and Live

Thankfully, not the same for PayPal, PSN, etc.

**EvilBoris** · 06-11-2011, 18:56

I guess it's dead easy to see that a player is registered on battlelog and some people's emails are dead easy to find with a little googling.bastards

**nakamura** · 06-11-2011, 19:07

Changed my EA password. No idea what my live one is, I don't think it is the same as my EA one or my Email.

**egparadigm** · 06-11-2011, 19:25

Well by the look of it I have an EA account, so I changed the password. Let's hope to **** that doesn't compromise any other accounts. Anyone know how to know if yours was got at?

I haven't played online. I think it must be from Mass Effect 2 DLC or something.

Announcement

Xbox Live phished/hacked/somethinged

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment