XBox security questions
December 30, 2010 3:13 PM
How exactly does XBox account security work? Our 360 was stolen in November. We haven't bought a replacement yet, but we did change the password on the Live account associated with the console immediately. We just noticed that within the last few days, our gamertag has logged on and has been playing games, buying avatar items with points we already had, etc. WTF?
Googling seems to indicate that changing your account password doesn't affect autologin on the console itself, which seems to be a pretty big security failure, but whatever. Could they also purchase more points with the associated credit card? They haven't yet, or done anything else that actually requires a credit card transaction. We're trying to get the local police to call Microsoft so they can get an IP and trace the console to a physical location, so we don't want to completely disable the account yet, but if that fails, how can we get our account back? Is there any process that will allow us to keep our gamertag while making them unable to access it?
Also, has anybody here successfully tracked a stolen XBox? XBox customer service gave us a number to call, but apparently only law enforcement or lawyers are supposed to call it, and the local PD hasn't called us back yet.
Googling seems to indicate that changing your account password doesn't affect autologin on the console itself, which seems to be a pretty big security failure, but whatever. Could they also purchase more points with the associated credit card? They haven't yet, or done anything else that actually requires a credit card transaction. We're trying to get the local police to call Microsoft so they can get an IP and trace the console to a physical location, so we don't want to completely disable the account yet, but if that fails, how can we get our account back? Is there any process that will allow us to keep our gamertag while making them unable to access it?
Also, has anybody here successfully tracked a stolen XBox? XBox customer service gave us a number to call, but apparently only law enforcement or lawyers are supposed to call it, and the local PD hasn't called us back yet.
I would contant the MS support for xbox. If you have proof that it is your tag and your box then you might be able to get them to cooperate with police and track down where the IP is coming from.
Aside from that maybe you could go the rogue/covert route and see if you can find recent posts online talking about your userID, or get people to friend your new self and see if you can get ANY info out of them at all. There are times when the police will help out a lot more if you show initiative
> affect autologin on the console itself, which seems to be a pretty big security failure, but whatever
that sucks, sorry to hear that. the PS3 authenticates passwords :)
posted by zombieApoc at 4:07 PM on December 30, 2010
Aside from that maybe you could go the rogue/covert route and see if you can find recent posts online talking about your userID, or get people to friend your new self and see if you can get ANY info out of them at all. There are times when the police will help out a lot more if you show initiative
> affect autologin on the console itself, which seems to be a pretty big security failure, but whatever
that sucks, sorry to hear that. the PS3 authenticates passwords :)
posted by zombieApoc at 4:07 PM on December 30, 2010
Good luck with this. My son's gamertag was hacked somehow and they changed the email address associated with it. I spent no less than 6 hours on the phone with them over the next few weeks trying to recover it. I mean, I had the credit card used on it, but even so it took DAYS to get through to anyone over there who would work with me. They basically have a script to follow, and if you don't phrase what you want in just the right way, you're out of luck. When you talk to them focus on the "recover gamertag" phrase. When I said his gamertag was hacked, I was made to wait a week while they investigated. Then they said, hmm, seems to be no unauthorized activity (because nothing was purchased with it), and closed the case without notifying me. Then I had to call back and start over. I waited until the Live subscription was due to be renewed, saw it got renewed, and THEN I called. Then they saw unauthorized activity and sent recovery instructions to...the hacker's email address. Gah. Then I had to call yet again, and go through it again. At the end of it all they gave him 6 mos of free Gold credit, and I picked out his new password to make sure it was secure, because honestly, one more call with Xbox support would have made me lose my mind.
Microsoft said they had no way to trace the hacker, which surprised me. They also encouraged me several times to get a new gamertag. I refused to let it go.
I hope it works out better for you! Not sure how helpful this answer is, but having gone through a similar thing, I wanted you to know that it may be painful, but it can be done.
posted by routergirl at 4:08 PM on December 30, 2010
Microsoft said they had no way to trace the hacker, which surprised me. They also encouraged me several times to get a new gamertag. I refused to let it go.
I hope it works out better for you! Not sure how helpful this answer is, but having gone through a similar thing, I wanted you to know that it may be painful, but it can be done.
posted by routergirl at 4:08 PM on December 30, 2010
This thread is closed to new comments.
As far as other options, I've heard of people having good results contacting @xboxsupport on Twitter.
posted by lantius at 3:23 PM on December 30, 2010