Sharing your Xbox gaming scores can be embarrassing enough (for some), but sharing your financial information is a whole other matter. Researchers have discovered that hackers can retrieve credit card data and other personal information from old Xbox 360s. Read this story if you're thinking about selling your old device, and "share" this post with your gaming friends so they don't get played!
Hackers can steal credit card data from used Xbox 360sSummary: Security researchers at Drexel University and Dakota State University say they can extract credit card information from Microsoft Xbox 360s even after they have been restored to factory settings.Update: Microsoft investigating used Xbox 360 credit card hack Hackers can reportedly retrieve credit card data and other personal information from old Microsoft Xbox 360s. Even if the console is restored back to factory settings and its hard drive is wiped, researchers say they can pull off the feat. Ashley Podhradsky, Rob D’Ovidio, and Cindy Casey of
Drexel University, along with Pat Engebretson at
Dakota State University, bought a refurbished Xbox 360 from a Microsoft-authorized retailer last year. They then downloaded a basic modding tool, gained access to the console’s files and folders, and eventually extracted the original owner’s credit card information.
“Microsoft does a great job of protecting their proprietary information,” Podhradsky told
Kotaku. “But they don’t do a great job of protecting the user’s data.” She says she isn’t even a gamer, and warns console modders and hackers may find the process even easier. “A lot of them already know how to do all this. Anyone can freely download a lot of this software, essentially pick up a discarded game console, and have someone’s identity.”
Microsoft will need to verify whether or not all Xbox 360 hard drives, as well as USB drives that have had profiles transferred onto them, store the sensitive information and why the factory reset option isn’t deleting this data. If this turns out to be the case, Redmond will have to offer instructions for what users can do to protect their credit card details, especially if they’re looking to sell their console.
If you’re looking to sell soon, I would personally recommend formatting the HDD yourself with some powerful software that writes 1s and 0s to it directly. Podhradsky specifically says
Darik’s Boot And Nuke tool gets the job done.
I have contacted Microsoft about this issue and will update you if I hear back.
Update: Microsoft investigating used Xbox 360 credit card hack Orginal article: By Emil Protalinski | April 1, 2012, 3:27pm PDT