Xbox website hacked, leaking info of thousands of users

Xbox Entertainment Awards

Microsoft’s Xbox Live has never suffered a massive security breach like the one that crippled Sony’s PlayStation Network in April 2011, when the personal information of millions of users was stolen in one fell swoop, and Sony’s network was offline for more than a month. The company projected losses of $170 million following the hack. But while nothing of that scale has happened, Microsoft’s Xbox Live business – across all platforms from Xbox 360 to Windows – has always been more vulnerable to smaller scale thefts of information. The latest: The Xbox Entertainment Awards 2013 was hacked, leaking the information of close to 3,000 users.

MCV first reported on the hack on Tuesday morning after a reader submitted a link to what seemed to be a list of all the users that voted in the Xbox Entertainment Awards. The list included the names, Xbox Live usernames, email addresses, and birth dates of everyone entered into the Xbox Entertainment sweepstakes. Anyone that went to the link could remove this information from the list or edit it as they pleased, but Microsoft promptly took down the Xbox Entertainment Awards website.

“We are currently experiencing technical difficulties with the Xbox Entertainment Awards landing page and have taken the site offline while we investigate,” reads a statement from Microsoft itself.

The additional page listing user information has also apparently been taken offline.

Sensitive information like Xbox Live passwords or credit card numbers and expiration dates were thankfully not included in the information submitted to the Xbox Entertainment Awards.

Microsoft has been trying to fight scammers on Xbox Live for years. Though the network has never been breached on a large scale, many Xbox Live members have reported that their accounts have been hacked. As Microsoft’s Doug Park told Kotaku in 2012 that Xbox Live users’ problem isn’t hacks but phishing scammers. “It’s not hack,” said Park, “It’s just a different way to monetize stolen accounts.” That isn’t totally true, though, since hacking into an Xbox Live account by exploiting password generators is all too easy.

The most common problem is that users’ gamertags and passwords are stolen and subsequently sold on the black market, where buyers are able to buy up games, movies, and music on their Xboxes using the stolen information.