Microsoft has confirmed that a number of Xbox Live
accounts owned by current and previous "high-profile" employees have been accessed by hackers. The same group of hackers, known as Team Hype, are also said to be behind denial of service attacks as well as a case of "Swatting
," convincing local police to send a SWAT team to a victim's house to conduct a raid, against a security reporter.
In a statement to Ars Technica
, Microsoft said "We are aware that a group of attackers are using several stringed social engineering techniques to compromise the accounts of a handful of high-profile Xbox LIVE accounts held by current and former Microsoft employees." It is also working with law enforcement and others affected by the intrusion in order to prevent the style of attack used from happening again.
The techniques used, revealed by Swatting victim and reporter Brian Krebs, consists of getting a social security number from another source, tricks a phone company into redirecting that person's phone number to another line, then using the redirected number on Xbox Live support when they call the on-account phone number to confirm the identity of the account holder.
As part of the investigation of the Swatting, Krebs discovered
what he believes is the identity of one member from the group. A later phone call to that person seemed to link him with the extensive hack against technology journalist Mat Honan
last year, though the 20-year-old's father then denied he performed the intrusion, and apparently only knew the guy behind the attack.