Microsoft: Xbox Live Support Compromised SecurityMicrosoft has reiterated that the Xbox Live network was not hacked, but the company has admitted (via official blogger Major Nelson) that its Xbox Live support staff may have compromised security. MS claims to be in the middle of re-training staff right now to make sure customer account information stays secure going forward. Last week, rumors were floating around suggesting that Microsofts popular Xbox Live service had been hacked. Some users claimed to have been charged for items that they never purchased, which would seem to indicate that hackers were able to get a hold of various users account information. Microsoft was adamant that the network had not been hacked. Today, however, Microsofts Major Nelson (a.k.a. Larry Hryb) clarified the matter on his blog. As it turns out, Microsofts own support center may have been at the root of the problem, thanks to a phenomenon known as "pre-texting." "As originally posted, Xbox Live has not been hacked. That is still true. A security researcher, Kevin Finisterre, discovered not a hack, but the fact that some accounts may have been compromised as a result of social engineering, also known as pre-texting, through our support center," said Major Nelson. "Kevin gave me a call directly and once I realized what he was talking about (he sent me some painful-to-listen-to audio files) I confirmed that the team is fully aware of this issue. They are examining the policies, and have already begun re-training the support staff and partners to help make sure we reduce this type of social engineering attack." As Wikipedia explains it, pre-texting is "the act of creating and using an invented scenario (the pretext) to persuade a target to release information or perform an action and is usually done over the telephone. Its more than a simple lie as it most often involves some prior research or set up and the use of pieces of known information (e.g., for impersonation: date of birth, Social Security Number, last bill amount) to establish legitimacy in the mind of the target." He also took the opportunity to apologize on Microsofts behalf: "Theres no other way to say it; this situation shouldnt have happened. Our customers deserve better. The Xbox team takes what happened and the resolution of it very seriously. I also wanted to let you know that weve posted a page on Xbox.com Troubleshooting Access to your Xbox Live Account that can help you if you have questions. Finally, I chatted with Kevin earlier today and thanked him for bringing this issue to our attention. I also let him know that we have a much better understanding of this issue and that we are reviewing the processes in place to help prevent this in the future."