Xbox Live users hit by data breach
Names and email addresses of nearly 3,000 users accidentally leaked online.
Microsoft is assuring Xbox Live subscribers their accounts have not been compromised, following the accidental disclosure of several thousand users' names and email addresses online.
Reports of a data breach affecting nearly 3,000 people who voted in an Xbox Entertainment Awards poll, and were subsequently entered into a prize draw, emerged yesterday.
According to a report and screen grab on gaming news site MCV, the names, gamer tags, email addresses and birthdays of those who voted for their favourite music, films, TV shows and games in the Xbox awards were published online.
It is claimed that visitors to the site were able to edit and remove the listings, but the page has since been taken offline.
It is not yet known how long the information was online for. But - if it did fall into the wrong hands - those affected could find themselves at increased risk of phishing attacks, if cyber criminals seize on the breach and the email addresses to send them spoof emails.
In a statement to IT Pro, a Microsoft spokesperson blamed the data's disclosure on an error within the Xbox Entertainment Awards voting app.
"Upon learning on 19 March that a number of UK Xbox Live subscribers have inadvertently had a limited amount of personal data disclosed online...Microsoft took immediate steps to remove the application from its UK Facebook page," the statement read.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"We are working closely with affected Xbox Entertainment Awards voters who have been in touch with us to ensure their Xbox Live accounts have not been compromised and will restore the voting app to our Facebook page once the issue is resolved," it concluded.