Yes, there's not a single reason to take it offline. Those were indeed the words I used.

The servers are secure, so there's no reason to shut them down. Why would there be? As I said, what they should be doing is securing up things like payments, so that they can ensure the person trying to make a purchase has the card in their hand. That's what they should be doing. Not shutting it down, which won't achieve anything aside from annoying all the people that haven't been phished.

(And by "phished," I include every way a hacker may have obtained a password, because there are probably a million and one ways they could do it, some the user's fault, some completely invisible to the user so they'd have no idea at all.)

Maybe they should stop payments until they resolve the issue? Or how about, shock gosh, not storing any payment info so you have to re-enter your card details every single time.

Wow. I've just solved any possible theft Live could suffer from in under 30 seconds. How hard was that

As it seems to be a trend to post links where MS clearly state it's not that, try this one:



The bit that jumped out at me:

"when he contacted PayPal, a representative told him the online banker had received 19 calls within the past hour about the issue."

If that's true, then crap!

They shouldn't stop payments. They could still store payment info. All they have to do is make it so that when you make a purchase, you have to enter the security code from your card, or enter your PayPal password. That would solve payment issues without having to close anything down.

It wouldn't solve everything, though, as people with MS Points loaded on their accounts would still be at risk of having them spent. I dunno what you want to do, though. Close it down until it's sorted? Until what's sorted. Xbox LIVE hasn't been hacked. You'd be closing it down until the end of time if your idea is "close it down until the hackers get bored."

It doesn't have to of come from origin it could of come from countless places where the same details have been used, but that has already been said.
The chances are the details have been taken from somewhere far less secure than windows live ID.

Yay for Matt! Right as always, he's fixed the problem! Can you fix the NHS whilst you are there?

As has already been pointed out many many posts ago by myself and others, yes there could be other things in place beyond just illgally obtaining someone's logon details that could stop purchases being made, but you should know, working where you work that making what might seem like a simple change to a system is not actually that simple.

The problem is if Microsoft say anything or make any improvements/changes so soon after the unfortunate events that have affected a tiny number of people, a PR ****storm will occur regardless of who is to blame, something I'm sure that MS is keen to avoid, especially if they haven't been compromised in any way.

This kind of stuff happens all the time, just put
Itunes account hacked
Paypal account hacked
PSN account hacked
Ebay Account Hacked
Amazon Account Hacked
Credit Card Details hacked

into google and you'll be faced with thousands upon thousands of pages of documentation of similar things happening to other people, it's not exclusive to Microsoft.
At the end of the day your situation has arisen from your own actions and lack of precautions and you should just suck it up. Things like this happen to the best of us

How do you know Live hasn't been compromised? Because MS told you. The same company who said RROD only affected something like 3% of all consoles.

And in case people haven't worked it out, this goes far beyond a couple of hackers. This is organised crime. If those PayPal numbers are correct, it's incredible. Nearly 250 people a day, and that's PayPal alone. Credit Cards / Debit Cards would number at least double those you'd of thought. 500 a day? More? That's an insane amount of people, IF TRUE.

Guess what? I have no more evidence than anyone else here, so I'll not start saying that until I know it's a fact. The facts we know are clearly outlined in this thread, everything else is speculation or PR spin. It's a debacle and I hope no-one else here has to go through the process I went through.

Boris, one of my friends who had his account hacked, it happened after he changed his password following my hack. So a brand new, unique password that had only been in place for a few weeks. Where could they of got that password from?

This is true. And shows that the priorities are arseways.

You should suggest they use 'suck it up' in ads, Boris. Sums it up nicely.

I know Live hasn't been hacked because I'm not totally paranoid. Look, I know you've been hacked and it's ****, and you're looking for answers. You don't want to think you've done anything wrong because that's just natural. I once had my eBay account hacked and I have no idea how it happened, and the one thing I didn't say is "it's my fault" because I'm convinced it wasn't. I don't have any idea what it was though, and it was as likely my fault as anything else. Like I say, there are tons of ways your account details can be invisibly compromised and there's no way you'll ever know the cause. You don't think LIVE's been hacked, you want it to have been hacked, because that provides you with an answer as to how it happened, and it absolves you of blame. You probably don't even realise you're doing it, but that's all it is. It's just natural.

If Xbox LIVE had been hacked like PSN was, and MS had gone on this long denying it, there would be criminal proceedings when it came out. They would pay billions in compensation. It would go beyond "PR disaster." If Xbox LIVE had been hacked they would have shut it down the second they realised it. Just let it go.

He could have a keylogger on his system. There you go. Easy. If not that, there are other ways.

You could almost split this forum into Pro MS (which so far seem to be people with "Writer" credentials, lol) and Right Thinking People. Because honestly, stop defending them people. Just look at what is going on to GAMERS. Remember when you were Gamers?

PS - I'm happy to take responsibility for having a non unique password. But the fact is once a hacker was into my account, MS should have a system in a place to detect it pretty much immediately. I'll even write them the ****ing code:

"User logging in on new console id;

if any purchases are made, query them"

Look, I've just made Live secure again! Hurrah. That's twice now. They should give me a job.

It'd be an awful lot of money to spend just to wind up a few people

If only you were as good at quickly making short films as you are quickly solving problems for multinational IT corperations!

While I reckon just about everything else in your post is probably right, not buying this at all. Part of the reason for the Sony ****storm was that they took something like 3 days to react. Not the second they realised exactly. And importantly the ****storm didn't actually occur until they did come clean. As EvilBoris says, PR comes first here.

As you yourself have pointed out, they already have a problem in the lack of security measure within the accounts. Have they realised it? Guessing so. Yet they haven't reacted.

Fair points, but I still can't believe for a second that they'd have allowed the hacking to go on this long if it was their own systems leaking account details. Because once word really did get out, "****storm" wouldn't even begin to cover it.

They kinda had their hands tied though, didn't Anonymous come forward and say they were the reasoin that PSN was down?