Last week, Xbox Live subscribers complained of security breaches regarding their accounts. Microsoft investigated these incidents, with Microsoft’s Aaron Greenberg concluding, "Despite some recent reports and speculation, we want to reassure all of our 6 million Xbox Live members that we have looked into the situation and found no evidence of any compromise of the security of Bungie.net or our Live network."
But this week, Microsoft is not so sure as it now admits that some of the accounts were compromised after all, but that the problems weren’t due to hacking as much as "social engineering," or scams to get secure info from subscribers through fraud and deception.
Larry Hryb, who is better known as Major Nelson, reported, "As originally posted, Xbox Live has not been hacked. That is still true. A security researcher, Kevin Finisterre, discovered not a hack, but the fact that some accounts may have been compromised as a result of ‘social engineering’, also known as ‘pre-texting’, through our support center." He continued, "They are examining the policies, and have already begun re-training the support staff and partners to help make sure we reduce this type of social engineering attack."
Hryb then said candidly, "There’s no other way to say it; this situation shouldn’t have happened. Our customers deserve better."
