Friday was Celeste’s birthday, and we had a great weekend with my parents, who took us out to dinner that night and with Celeste’s parents, who took us out to dinner last night and stayed at our house until today. After all the celebrating was done and everyone had gone home, I decided to hop on the Xbox for a little while. I fired it up and tried to log into my account, only to have it tell me that my account was invalid and needed to be recovered to my console. This has happened once before, due to what I had assumed was a technical glitch. I selected to recover the account and entered my username and password… and they came back as invalid. Confused, I went to the computer and tried to log into Xbox.com. Same thing… invalid password for my account.

It was then that I started suspecting that something was amiss, so I went to live.com, which is connected to Xbox and often is the source of login woes for me. I tried to get into my account there, but I got the same error. I thought maybe I’d remembered my password incorrectly, so I selected to reset the password and have it e-mailed to me. I got the new login info from my e-mail and finally was able to get into Xbox.com with it. Except… instead of my usual Prophet Five account, I was logged into some other gamertag called UnbredDrip7. That’s when I was positive my account had been hacked.

At that point I called 1-800-4-MY-XBOX and told them about my suspicions and what I’d done over the past few minutes. The support guy was friendly and helpful and was able to ascertain that, yes, someone had indeed hacked my stuff. They somehow got into my account and changed it to have their e-mail address (a Hotmail.co.uk address) point to Prophet Five, and they linked my own address to UnbredDrip7, which I’d bet came from the random name generator you can use when you make a new Xbox account. Further, he was able to tell me that this person had used my credit card attached to my Xbox account to purchase 10,000 Microsoft points, racking up a bill of $124.98. They then used those 10,000 points to buy add-on DLC for FIFA 12. A soccer game, and they paid 10,000 points into downloadable content for it. Seriously?

I asked how soon Microsoft could fix this for me, and that’s when the hammer dropped. My Xbox Live account will be inaccessible to me for 25-30 days while they investigate the issue. I won’t be able to do anything online until they deign to return my account to me, and–even better–it’s going to take them that long to return the stolen $124.98 to my credit card. I was pretty stunned at that point, and after I got off the phone I did some Googling and forum searching. It turns out that I’m the latest in a widespread spree of Xbox account hackings by European football enthusiasts. It hasn’t made big news like the PlayStation hacking did, for some reason, but there are a lot of us, most of whom have lost our accounts and exactly $124.98.

With the details so specific and common, it seems like the investigation process would be pretty simple and that Microsoft would want to get all this sorted out and swept under the rug. And yet it’s taking them a month to get my money back to me and my account returned to my console. At least I’d be able to play my single player games offline and earn achievement points while I waited to be able to play online again, right? Wrong again.

I called Xbox support again tonight with some additional questions, and that’s when I learned that I can’t even play games offline during that month. Or, technically, I can, but any save games I make during that time will be invalidated when my online account is restored, and any achievements I earned in the interim will be wiped away. The person who stole my account recovered the account to his own Xbox in the UK, so it’s no longer attached to my legitimate console. Anything done on my console won’t count towards my account since my console is not currently linked to it. So I am entirely unable to play Xbox 360 games in any shape or form during this 25-30 day period. I voiced my frustration to Xbox support and asked to speak with someone who actually handles these investigations. I was told the process is handled by a mysterious investigations group, and there is no way to contact them. The support guy literally told me that he has no way to get in touch with them, and no one at Microsoft support can contact them, either. It’s like these guys are in witness protection.

Here’s what’s impacted by all of this:

  • I am unable to play anything on my Xbox for about a month. I typically play for at least an hour or two a day as one of my main de-stressing outlets. Not cool.
  • I can not review any games we’ve been sent and / or bought for Fandomania.com. This is the biggest game release month of the year, so again… Not cool.
  • We can’t watch Netflix through our Xbox, as the Netflix account is tied to my Xbox account and console.
  • There will be a ton of game deals and discounts on the Xbox Marketplace on Black Friday, and I’ll be able to take advantage of none of them (or any of the Deals of the Week between now and whenever I get my account back).
  • I won’t have access to anything on my Xbox through most of the holidays, meaning I couldn’t have family or friends over to play Rock Band or anything else, even if that unlikely scenario presented itself.
  • Microsoft will not give me my $124.98 back for a month, so I’m going to have to file a fraud complaint with my credit card company. Even though the hacker did not actually have access to my card information (you buy stuff on Xbox without ever seeing the card number attached to the account), the card company will require me to cancel my card and get a new number. This is the same credit card I use for a lot of business-related expenses, so I’m going to have to fill out a bunch of paperwork during Thanksgiving week to get everything updated. Awesome.

What I’ve learned from this:

  • Do not have a credit card attached to your Microsoft account or otherwise on file anywhere you can keep from having it. Getting this done will be more complicated than it should be, and I had to find a post on Reddit to tell me how to remove credit card info from my Xbox account.
  • Identity theft sucks, even when it’s “just” on a video game console. I seriously feel sick when I think about somebody forcing their way into my personal space, being able to mess around with my Xbox avatar, and having access to my friends list and gamerscore.
  • I disliked soccer before, but now I really hate it. Flames on the side of my face, for real.
  • Microsoft has woefully wrong systems in place.

At the center of all of this is just this feeling of violation. I’m very careful with my information, and I don’t use the same password on multiple sites. I even go as far as using gibberish phrases as the answers to my secret questions when sites need a secondary form of verification. And yet, somehow, some wanker managed to get into my account and steal from me. It’s bad enough that this random person in the UK has hijacked my account and has access to all the video gaming I’ve done since 2004 (all 95,000+ gamerscore of it), but now Microsoft is turning the knife by refusing to facilitate the process of getting things fixed and back the way they should be. I am convinced that this happened due to a flaw in Microsoft’s infrastructure, due to the huge number of people I’ve seen who have been FIFA hacked and the simple fact that I am so careful with my security information. I’m the victim, and they are punishing me by denying me the money they helped someone steal from me and by denying me access not only to my Xbox Live account but also to the ability to do anything in a meaningful way on my console for the next month.

I’ve been a loyal Microsoft customer and Xbox fan for a very long time, but this situation is really shaking my faith and fandom. I’ve paid a lot of money and put a lot of time into Xbox video gaming, and both of the companies I own help Microsoft sell games and consoles, in one way or another. And yet, here I am with a bookcase full of games and accessories and two Xbox 360s, all useless to me through no fault of my own. Am I wrong to feel violated like this? I don’t think so.

I’m starting a month with no Xbox, and it’s going to suck. Right now I can’t imagine what I’m going to do with my free time, but I guess I’ll be catching up on reading or watching Netflix on my computer screen or something. I kind of wonder whether I’ll just get used to not gaming over this month and then not even want to do it anymore once I get my account back.

Et tu, Microsoft?

Here are a few additional links to stories about this widespread FIFA hacking:

Assassins Creed Altair Action Figure 008 Assassins Creed Altair Action Figure 006 Assassins Creed Altair Action Figure 010 Walter as Heisenberg - Breaking Bad Action Figure Walter as Heisenberg - Breaking Bad Action Figure Walter as Heisenberg - Breaking Bad Action Figure Harley Quinn – Cover Girls of DC Statue Harley Quinn – Cover Girls of DC Statue Harley Quinn – Cover Girls of DC Statue Mystique - Marvel Comics Bishoujo Statue Mystique - Marvel Comics Bishoujo Statue Indigo-1 - Blackest Night Bust