Microsoft has issued a statement confirming that some of its “high-profile” Xbox LIVE accounts that are said to belong to both former and current employees have been hacked, reports the folks over at ars technica, which was cyberattacked yesterday by the same hacking group. Known as Team Hype, the hackers are suspected to have caused a host of grief, including having possibly caused a police raid on Brian Krebs, a security reporter.
Said Microsoft to ars technica: “We are aware that a group of attackers are using several stringed social engineering techniques to compromise the accounts of a handful of high-profile Xbox LIVE accounts held by current and former Microsoft employees. We are actively working with law enforcement and other affected companies to disable this current method of attack and prevent its further use.”
In addition, Team Hype is said to use stolen Social Security numbers and credit information to take over Xbox LIVE accounts, according to Krebs, who has also linked one of the hackers with ordering DoS attacks on both his own and ars technica’s websites. The hackers made public videos of them holding account hijacking sessions, with some of those hijacked accounts then being sold to LIVE users.
Earlier today, Microsoft also confirmed that Xbox LIVE users who had used the Xbox Entertainment Award app were compromised, with the Entertainment website having displayed approximately 3,000 instances of gamertags and private information, such as addresses and names. As a result, Microsoft has temporarily pulled the app while it sorts out the issue, directing concerned customers to its Xbox Security Web page.
[via ars technica]