Xbox Live users report unauthorised FIFA purchases

14 Oct 2011 at 20:23:07 by Peter Parrish

A growing number of Xbox Live users are reporting compromised accounts that have been used to make FIFA-related purchases.

The stories share many similarities; unauthorised purchases of points, or activity on the credit card linked to the Live account, with evidence of FIFA Soccer 11 or 12 having been played too.

At this stage it's difficult to assess how many people have been affected, but multiple users have been reporting this pattern on forums, blogs and link sites like reddit.

Microsoft's default response to the issue appears to be to shut down the Live account for upwards of a month for an 'investigation', followed by a refund. However, when whatthegeek.net asked the company for further information regarding the breach to his account, and for tips on how to avoid the same thing happening in future, Microsoft remained silent.

While this problem doesn't (yet) appear as widespread as the hacking issues that have affected Sony and PlayStation Network, Microsoft has at least taken it seriously enough to issue a flat denial:

"We do not have any evidence the Xbox LIVE service has been compromised. We take the security of our service seriously and work on an ongoing basis to improve it against evolving threats. However, a limited number of members have contacted us regarding unauthorized access to their accounts by outside individuals. We are working with our impacted members directly to resolve any unauthorized changes to their accounts. As always, we highly recommend our members follow the Xbox LIVE Account Security guidance provided at www.xbox.com/security to protect your account."

That statement seems remarkable, as it would appear that, at the very least, a small number of Live accounts have indeed been compromised. At this stage though, it appears Microsoft is putting the blame squarely on individual users, rather than admitting to a wider security problem.

Given the involvement of FIFA, it is also possible that people are getting hold of EA account details (which are necessary for much of the online functionality of FIFA titles) and somehow taking advantage this way.

As things stand, the only thing users can really do is keep an eye on their account activities and report anything unauthorised to Microsoft.

Comment