Microsoft Denies Xbox.com Security Snafu

This time surrounding security on the Xbox website.

Posted by
Microsoft Denies Xbox.com Security Snafu
Microsoft is on the defensive again regarding security concerns over Xbox Live. In response to a claim made by US gamer Jason Coutee that hackers can use a workaround on the official Xbox.com website to obtain User ID confirmation, the company has once again insisted that the service is safe.

Coutee was reported to have $100 stolen from his account, and he alleges - after some digging on the Xbox.com website - that a security loophole exists that allows hackers to be allowed an unlimited number of password attempts, avoiding CAPTCHA validation. He believes that someone with a script was able to keep hammering away at his account until it was eventually broken into.

"Microsoft can confirm that there has been no breach to the security of our Xbox Live service," reads a statement sent to IGN. "The online safety of Xbox Live members remains of the utmost importance, which is why we consistently take measures to protect Xbox Live against ever-changing threats.

"Security in the technology industry is an ongoing process, and with each new form of technology designed to deter attacks, the attackers try to find new ways to subvert it. We continue to evolve our security features and processes to ensure Xbox Live customers information is secure.

“Online fraud and identity theft are industry-wide problems, and as such people using any online services should set strong passwords, not share those passwords across multiple services and refrain from sharing any personal details that could leave them vulnerable."

This is the second time in as many weeks that Microsoft has come under fire for security concerns surrounding Xbox Live. Just a week ago the company issued a similar statement, after a user claimed that her Xbox Live Gold account was being used to create Gamertags destined for the black market, costing her hundreds of dollars.
Companies:

Comments

Posting of new comments is now locked for this page.