Fifa/EA Servers Leaving XBLA/PSN Accounts Open To Hacking

  • Page

    of 8 First / Last

    Previous
  • speedjack 12 Oct 2011 10:29:06 628 posts
    Seen 20 hours ago
    Registered 12 years ago
    Well that was interesting...

    Tried to log in to XBLA last night only to find that my gamertag has been 'recovered' to someone elses machine.

    I then find out that I've had 5000 then 500 MS points bought on my credit card. Better yet, all the points including the 120 I had already on my account are gone ...all spent on FIFA 12 content packs yesterday afternoon while I was at work.

    Not only that, but my account now has 35 FIFA 12 achievement points on it !!! Never played the game in my life - hate football.

    Cancelled my credit card, changed my passwords and contacted MS this morning.

    From the chat I've had it appears that this is a known issue. As you know EA host their own servers and the MS employee has told me that there is an issue with EA's servers that leaves my XBLA account details vulnerable - and therefore my credit card open to fraudulent use.

    They are now going to lock my gamer tag for 30 days whilst they investigate. They did suggest that I create a new gamertag whilst this goes on but obviously any achievements won't carry from the old tag.

    And it looks like I'm not alone :-

    http://thegooster.wordpress.com/2011/09/28/xbox-live-users-hacked-victims-in-the-name-of-eas-fifa-dlc/

    I'd LOVE EG to look into this... and baring in mind the PSN fiasco I'm surprised they haven't.

    I'm also staggered that EA/MS are getting away with this and I can only assume that I opened myself up to this by playing EA games on line (Battlefield Beta) ?

    Anyone else had this issue ?
  • dunts 12 Oct 2011 10:38:27 4,211 posts
    Seen 2 days ago
    Registered 6 years ago
    Since your e-mail or live ID is linked to your gamertag, they only need access to your e-mail then they have access to your gamertag. Then they can recover it whereever they like.

    The other possibility is, they phoned up EA and basically pretended to be you and got some stuff changed or moved. I've heard of that happening.
  • speedjack 12 Oct 2011 10:42:14 628 posts
    Seen 20 hours ago
    Registered 12 years ago
    Fair enough... so why is it only Fifa players doing it then and why is it only FIFA DLC being purchased? Surely if it was that easy wouldn't it be other games and other DLC.

    When I spoke to MS the employee said it was specifically an EA flaw and it appears its been happening with FIFA 11 too :-

    http://www.giantbomb.com/xbox-360/60-20/live-account-hacked-fifa-11-related/35-499570/
  • dunts 12 Oct 2011 10:47:47 4,211 posts
    Seen 2 days ago
    Registered 6 years ago
    Because FIFA is very popluar and has Ultimate Team, lots of kids will do anything to get free packs. They phone up EA, pretend to be you and then get your stuff moved. It's stupidly easy to do and needs to be sorted.
  • Futaba 12 Oct 2011 10:56:07 3,520 posts
    Seen 8 hours ago
    Registered 9 years ago
    This is why it's better to use prepaid cards... People who do this are scum and need to die a painful death.

    Oh, and MS should be faster/more helpful with the victims of this shit. From what I've read they take too long with the investigation and make it as difficult as possible for the victim to reclaim their stolen money/account, as if having it compromised in the first place wasn't bad enough.

    As far back as I can remember I always wanted to be a ninja.

  • Ampeg 13 Oct 2011 02:25:49 35 posts
    Seen 1 year ago
    Registered 8 years ago
    Same thing happened to me today, 5000 points bought and spent on Fifa 12 stuff and a couple of achievements left for Fifa as well.
    Theres a fairly lengthy thread on neogaf, this seems so have happened to a number of people over there and a quick search will turn up plenty more live account highjacks where Fifa 11/12 content has been bought.
  • Feanor 13 Oct 2011 03:51:07 14,180 posts
    Seen 24 minutes ago
    Registered 13 years ago
    I feel really sorry for anyone this has happened to. Points cards are the way to go on the 360, though. Get them at a discount and remove your credit card from your account.
  • NunianVonFuch 13 Oct 2011 04:24:27 87 posts
    Seen 11 months ago
    Registered 7 years ago
    Happened to me a few months ago as well so it's not a new thing. Got a full refund on everything but couldn't login to Live during the "investigation period" which was a few days. Didn't realize it was widespread though, or due to EA's service itself. Cheers for informative post!
  • Harmonica 13 Oct 2011 07:27:21 966 posts
    Seen 13 hours ago
    Registered 10 years ago
    I don't really buy the impersonation line, surely EA reps are not going to be that stupid now to give out passwords over the phone or change email addresses? But that aside, is there anything anyone can do to check they are secure. I have a massive keepass generated password on my email so I don't see there's any way my account could be recovered.

    Also seconding the 'EG do your job and investigate this stuff' angle.

    edit: pretty thorough blog post on the issue.
  • wyp100 Staff 13 Oct 2011 07:51:56 7 posts
    Seen 5 minutes ago
    Registered 5 years ago
    We are looking into this guys. Thanks for bringing it to our attention.
  • Ampeg 13 Oct 2011 21:45:12 35 posts
    Seen 1 year ago
    Registered 8 years ago
    Patrick Klepek at GB is looking for stuff as well, just twittered:

    If you or someone you know had their Xbox Live account compromised recently, please email me with details: patrick@giantbomb.com
  • Syrette 14 Oct 2011 14:44:18 43,753 posts
    Seen 2 hours ago
    Registered 12 years ago
    Article on the main site.

    http://www.eurogamer.net/articles/2011-10-14-xbl-accounts-hacked-to-buy-fifa-packs

  • Gearskin 17 Oct 2011 17:36:03 2,045 posts
    Seen 1 day ago
    Registered 8 years ago
    Happened to me today! Two points packs, Fifa 12 on my gamercard. 35 points.
    85 billed to me.

    I only noticed it because I was on www.britxbox.co.uk and my recent activity had Fifa on it. Which I don't own. I called the bank, the transactions aren't even on my credit card yet, but they were made today. Call Microsoft, they confirmed the account recovery and purchase. They've suspended my account whilst they investigate.

    Annoying.
  • Deleted user 17 October 2011 18:03:28
    scumbags
  • Bahamafish 18 Oct 2011 17:35:26 378 posts
    Seen 10 hours ago
    Registered 7 years ago
    This happened to me today. The MS support were blaming EA for it when I called. Something has to be done about it.
  • King_Edward 18 Oct 2011 17:47:39 11,454 posts
    Seen 2 days ago
    Registered 4 years ago
    It's amazing the lengths people will go to just to buy card packs on Fifa. If I was gonna rip someone off I'd atleast get something worthwhile.
  • Clart 18 Oct 2011 20:48:05 1,010 posts
    Seen 4 hours ago
    Registered 11 years ago
    This has just happened to me today too. I just managed to recover my gamertag on my console to find that all my points were spent on 'Silver Upgrade' and 'Premium Gold Packs' and there were some achievement points for FIFA 12, which I've never played... :(

    Fortunately my credit card on file with MS expired in the summer, so it was only my points that they managed to rinse. I'm currently waiting in line to speak with Xbox support - it's been 20 mins so far...

    To those that have had this happen to them - did you get reimbursed?
  • phoopipe 18 Oct 2011 21:15:21 1,421 posts
    Seen 11 hours ago
    Registered 7 years ago
    King_Edward wrote:
    It's amazing the lengths people will go to just to buy card packs on Fifa. If I was gonna rip someone off I'd atleast get something worthwhile.
    I suspect its more about selling the cards in game and then selling the 'virtual coins' on ebay, they sell for a fair amount.


  • DiSC0_JeRk 30 Oct 2011 00:25:02 131 posts
    Seen 15 hours ago
    Registered 4 years ago
    Fucking fucks. Went to play some Batman and found my account has been hacked. Last game played was FIFA 12 (which I don't own) and my 4000 points have been spent on some ultimate team shite.

    Fucking fucks.
  • Psychotext 30 Oct 2011 00:43:56 54,391 posts
    Seen 1 day ago
    Registered 8 years ago
    Happened to my missus's account a couple of weeks back. Surprised I didn't post in here about it.
  • warlockuk 30 Oct 2011 08:02:40 19,185 posts
    Seen 1 day ago
    Registered 10 years ago
    Happened to me a few months back, but I have no idea how it happened. Maybe they did the old use cutomer service's incompetence against them trick.

    I'm a grumpy bastard.

  • fatboy996 7 Nov 2011 20:34:57 237 posts
    Seen 7 months ago
    Registered 12 years ago
    just happened to me :(

    Anyone know how to get my gamertag unlinked from the fake EA email address someone has used. This is just on the EA site, xbox live was easy to fix.

    Edited by fatboy996 at 20:35:30 07-11-2011
  • trjp 16 Nov 2011 14:21:59 19 posts
    Seen 3 days ago
    Registered 5 years ago
    Interesting thread - happened to me (8 Oct) and MS are saying it was "not fraud" and refusing to refund the points I had stolen.

    I recovered my cash via my own bank (who were mostly helpful but it took a while) but MS are insistent that this is not fraud (and they're taken all the time since to decide that!!).

    The guy I spoke to today insists that the 'points were bought using my console" (Id/Serial Number) when I don't even own FIFA and hadn't turned it on 7 days either side of the purchase...

    There's clearly a GAPING security hole here - whether it's with EA or MS I've no idea but I cannot even consider putting a payment method back on the account and I'm in half-a-mind to junk the account entirely (I care not 1 jot about achievements etc.)

    p.s. since it happened to me, I've spoken to 2 friends who've had the same happen and they each know of a couple of people and so on - I'm guessing this is pretty widespread!?

    Edited by trjp at 14:22:41 16-11-2011
  • trjp 16 Nov 2011 14:26:06 19 posts
    Seen 3 days ago
    Registered 5 years ago
    p.s. MS's take on this (at least what they chose to tell me) is that people are 'guessing' your security question, resetting your password and buying the points.

    Problem is - my security question wasn't a dictionary word and/or guessable by anyone even if they knew me (unless they've known me since I was about 3 years old!!) so I'm not sold on that solution myself.

    There's threads on the XBOX Forums going back to January 2011 and threads elsewhere heading back into 2010 all referring to hacks which only buy "Premium Gold Packs" for FIFA (10 then 11 and so on) - but I've no idea if it's related to EA (I have NFS games so my account is attached to EA I guess) or just because people can trade what they get for these packs!?!?

    I think it might be time someone lit a fire somewhere as it's clearly a fairly substantial issue - if you have a payment method on your account, I'd lose it sharpish if I were you...
  • Psychotext 16 Nov 2011 14:32:36 54,391 posts
    Seen 1 day ago
    Registered 8 years ago
    Yeah, it's obviously a fairly big issue at this point.

    Gaming journalists are very happy to take MS's / EA's word on it being nothing more than phishing though. Which is strange, because if it was phishing you'd imagine it would be happening to PS3 accounts too.
  • mad_caddy 16 Nov 2011 14:39:10 3,306 posts
    Seen 1 week ago
    Registered 10 years ago
    I had mine done a few weeks ago, got a full refund from MS, and I'm having an argument with my bank as it put me overdrawn and now they're charging me for that.

    When i spoke to MS I had had my security question changed as well as a few other bits, but I got control of my account back myself. it was a massive pain and is still on going. MS were really good about it but didn't tell me the actual cause of the "hack"
  • Psychotext 16 Nov 2011 14:43:41 54,391 posts
    Seen 1 day ago
    Registered 8 years ago
    Still waiting for the "investigation" to complete on my missus's account. Apparently they're telling people five weeks now, and it's going up. Good job she doesn't play online.
  • mad_caddy 16 Nov 2011 14:52:21 3,306 posts
    Seen 1 week ago
    Registered 10 years ago
    the biggest problem here is that people have figured out that you can change Ms points into real money through EA micro transactions, they buy a load of points and then stuff for the game, trade them off and then sell them or trade them. it's fucking dirty if you ask me.
  • trjp 16 Nov 2011 16:12:44 19 posts
    Seen 3 days ago
    Registered 5 years ago
    Psychotext wrote:
    Still waiting for the "investigation" to complete on my missus's account. Apparently they're telling people five weeks now, and it's going up. Good job she doesn't play online.
    You can still play online whilst your account is locked - what you can't do is buy any points/games/subscriptions (no idea what happens if Gold expires whilst your account is suspended then).
  • Page

    of 8 First / Last

    Previous
Log in or register to reply