Microsoft has confirmed that hackers have gained access to several "high profile" Xbox Live Accounts of current and former employees. The company has released a statement to The Verge concerning the cyber attack in question:
"We are aware that a group of attackers are using several stringed social engineering techniques to compromise the accounts of a handful of high-profile Xbox Live accounts held by current and former Microsoft employees...We are actively working with law enforcement and other affected companies to disable this current method of attack and prevent its further use. Security is of critical importance to us and we are working every day to bring new forms of protection to our members," Microsoft said.
It appears that the hackers gained access to the targets social security numbers, then used social engineering to use that date to gain access to the Xbox Live accounts of those that were targeted. Microsoft insists that it does not collect social security numbers of users, but that the information was obtained through a hacked third party.
"Microsoft does not collect or use Social Security numbers in its services, including Xbox LIVE Gamertags or Microsoft accounts. Attackers are targeting high-profile Microsoft employees by social engineering other companies that do use this data to intercept security proofs from Microsoft to compromise the accounts."
Microsoft is at least trying to work with the other hacked companies to close out the individual loopholes that have caused the affected accounts to get hacked. By closing each of these loopholes, hackers will no longer be able to exploit the path that lead them from one third-party company to Microsoft to the Xbox Live accounts. Xbox Live users are encouraged to follow safety guidelines for their accounts, including setting up security proofs for their information.
- Contribute to this Story:
- Send us a tip
- Send us a photo or video
- Suggest a correction
