Microsoft Investigating Claim That Used Xbox 360s Contain Credit Card Info

Microsoft Investigating Claim That Used Xbox 360s Contain Credit Card Info

Microsoft has addressed yesterday’s Kotaku report that hackers could access credit card information in used and refurbished Xbox 360 units.

In a statement to Kotaku today, Microsoft’s Jim Alkove, General Manager of Security of Interactive Entertainment Business, said they are investigating the Drexel University study:

We are conducting a thorough investigation into the researchers’ claims. We have requested information that will allow us to investigate the console in question and have still not received the information needed to replicate the researchers’ claims.

Xbox is not designed to store credit card data locally on the console, and as such seems unlikely credit card data was recovered by the method described. Additionally, when Microsoft refurbishes used consoles we have processes in place to wipe the local hard drives of any other user data. We can assure Xbox owners we take the privacy and security of their personal data very seriously.


  • Of course they do. Unless you format the hdd, Xbox live doesn’t allow you to simply remove a bloody credit card like PSN does… nooooo… you have to ring MS or go to the website and remove it that way… then you’re blacklisted from using it… *looks at 2 blacklisted credit cards in his wallet…*

    Way to go MS… way… to… go…


    • ive never had a problem removing a card either by phone or just through the microsoft billing website. they have also just added the ability to remove cards and cancel subs through the xbox website. never had a card blacklisted though, not sure whats happened there buddy. id call ms support to sort that out.

  • Exactly like I said yesterday it’s not stored locally the only info Your profile actually contains is achievements and dlc info. Once that profile is deleted from the HDD you cannot access the profiles credit card info. And any person that has ever done basic modding would know that Microsoft uses a proprietary file system so “hackers” would have to write their own programs.

  • Hey Guys,
    Not sure what the issue was with weresmurf but your credit details are tied in with your gamer profile, sooo if you clean your xbox of all data including your Gamer Profile, Installed Games, Saves and DLC this shouldn’t be a problem for you its just the people that don’t clear their xbox of data that are potentially going to be hacked. GLHF
    Worden Out! =)

Show more comments

Log in to comment on this story!