March 10, 2011 at 2:27 PM ET
In order to add Microsoft Points to your Xbox Live account, you have to input the long string of characters found on the Microsoft Points card you've purchased. A group of hackers figured out how to predict what those character strings would be and managed to snatch up $1.2 million in Microsoft Points without paying a single dime. (Msnbc.com is a joint venture of Microsoft and NBC Universal.)
Geek.com reports that while the hackers didn't exactly crack Microsoft's code generating algorithm, they did figure out how to produce working Microsoft Points codes by editing already redeemed codes to produce brand new — and valid — ones.
Microsoft has caught on to and blocked the scheme, but not before quite a bit of damage was done:
Microsoft has now blocked any new codes produced with this tool, but not before losing what is thought to be in the region of $1.2 million worth of points. What’s also unclear is whether they have the records in place to track which Xbox Live accounts redeemed the fake codes. If they haven’t, then there’s no way to demand the money back or block those accounts.
Related stories:
- Berated prosecutors dismiss case against Xbox modder
- Xbox modder could spend three years in prison
- Rapping hacker raises legal funds to fight Sony
Rosa Golijan writes about tech here and there. She's a bit obsessed with Twitter and loves to be liked on Facebook.