Re: [Full-disclosure] Xbox live accounts are being stolen

Hi Ashley... I can certainly understand your frustration. Although my
account was "taken care of" and I was ultimately given some things to
quiet me down, I never got an explanation of what *really* happened,
I never got any information about who I could prosecute or anything
like that. As you can see I had to be very vocal about the whole
situation in order to get my issue taken care of and the process was
quite lengthy, time consuming and frustrating, so good luck.

I have CC'd a gentleman from Microsoft that got me taken care of in
the past. He should hopefully be able to help you out, no promises of
course.

I think it would be fair of me to say really don't like Microsoft's
"disclosure policy" under these circumstances.
-KF

On Aug 7, 2007, at 5:08 PM, Ashley Wilson wrote:

Hey there,

I'm so very frustrated with Microsoft and went on a search to see
if anyone else has had the same issue and low and behold, I came
across you're article of sorts.

Its been over a month now, since I was hacked. I woke up on a
Sunday morning, check my email as I do everyday. I had 4 emails
from Microsoft stating I purchased 20000 Microsoft points and a
year subscription. As most people would, I panicked and wondered
what kind of insane thing happened. When I turned on my Xbox and
attempted to log into my account, I couldn't. My boyfriend shortly
after that, recovered my account on the Xbox and we came to find
out that my username had been changed, all my friends had been
deleted off my list and my motto was changed to "LOL I got jacked."

I was furious to think someone could do such a thing. They not only
stole my account but over 400 dollars was spent on my credit card.

I called Microsoft support shortly after that. I got the "run
around." Transferred to one agent and then another. They basically
accused me of giving out the information. I eventually got to speak
to a supervisor, who assured me that everything would be taken care
of. They even said they would catch the individual that did this
and assured me a phone call in a few days, as they had to send in a
full investigation the next day.

3 weeks later and I was still waiting for a call.

I decided it was time for me to call them, since obviously I as a
customer wasn't important to them. Again, the "run around." I spoke
with again, another supervisor who informed me that they hadn't
even sent out the investigation yet. He assured me that he would
send it out that very day and I should receive a call within 3 days.

I sat home waiting to receive a call for 3 days.

Again, I never received a phone call.

By the 4th day, I called again.

Speaking with an agent who assured me, I will receive a call. "Its
under investigation now, you have to wait for a phone call."

Now, 2 weeks later and I called again today.

I'm told that they attempted to call me today and I have to wait to
speak with them because there is nothing they can do. I paid for a
subscription that I am not getting to use and apparently won't be
able to use. I'd also like to mention when he said they tried
calling today, he said they left a voice mail message. I don't have
voice mail, so I got concerned. Then he read "my phone number" It
wasn't even my number and I had never heard the number in my life.
Slightly odd, since I gave them my phone number the previous time I
had called.

Now I'm suppose to receive a call this Thursday. We will see.... I
won't hold my breathe.

I am so very frustrated that Microsoft as huge a cooperation as
they are, doesn't even have the decency to call me or reimburse me
for a 50 dollar Xbox live account.

I apologize for this longwinded email and I'm not even sure if you
still care about this issue but I was quite overjoyed to see I
wasn't alone.

Sincerely

Ashley Wilson

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: XP secure during repair?
    ... account or account entrance that is built in or could they run ... personal information I have on my hardrive should it need repair. ... and ways to extract your passwords and gain ... || don't care what spam you get, or what Aunt Sally's goiter is up to ...
    (alt.computer.security)
  • Re: Documentation and Usability
    ... > Monique Y. Herman wrote: ... > I can understand someone elses' frustration in learning how it use it. ... I don't care how you spell newbie, ... atmosphere blah blah blah ... ...
    (Debian-User)
  • Re: flexible subroutine parameters
    ... >"common" module when it plainly is not a common module..if the outputs ... >CALL GETACCT using PARM1 PARM2 ... My goal with GETACCT is that I can pass it an account ... program doesn't have to care what "kind" of account it actually is. ...
    (comp.lang.cobol)
  • suggestion for TCPIP: TCPIP$SMTP_PERSONAL_NAME
    ... In a given account, ... variety of addresses (different user names: taken care of by ... valid VMS username; different domains taken care of by ... and in those which invoke MAIL later, not in MAIL which had already been ...
    (comp.os.vms)
  • Re: XP secure during repair?
    ... >> emails and financial details. ... I want to do the repair and get ... > going to have to access an account, and after that, I need to access ... > don't care what spam you get, or what Aunt Sally's goiter is up to ...
    (alt.computer.security)
Quantcast