Xbox Live users hit by data breach
Names and email addresses of nearly 3,000 users accidentally leaked online.

Microsoft is assuring Xbox Live subscribers their accounts have not been compromised, following the accidental disclosure of several thousand users' names and email addresses online.
Reports of a data breach affecting nearly 3,000 people who voted in an Xbox Entertainment Awards poll, and were subsequently entered into a prize draw, emerged yesterday.
According to a report and screen grab on gaming news site MCV, the names, gamer tags, email addresses and birthdays of those who voted for their favourite music, films, TV shows and games in the Xbox awards were published online.
It is claimed that visitors to the site were able to edit and remove the listings, but the page has since been taken offline.
It is not yet known how long the information was online for. But - if it did fall into the wrong hands - those affected could find themselves at increased risk of phishing attacks, if cyber criminals seize on the breach and the email addresses to send them spoof emails.
In a statement to IT Pro, a Microsoft spokesperson blamed the data's disclosure on an error within the Xbox Entertainment Awards voting app.
"Upon learning on 19 March that a number of UK Xbox Live subscribers have inadvertently had a limited amount of personal data disclosed online...Microsoft took immediate steps to remove the application from its UK Facebook page," the statement read.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"We are working closely with affected Xbox Entertainment Awards voters who have been in touch with us to ensure their Xbox Live accounts have not been compromised and will restore the voting app to our Facebook page once the issue is resolved," it concluded.
-
Why Microsoft thinks diversity will keep security workers relevant in the age of agentic AI
News Improved AI skills and a greater focus on ensuring agents are secure at point of deployment will be key for staying ahead of attackers
By Rory Bathgate
-
Microsoft: get used to working with AI-powered "digital colleagues"
News Tech giant's report suggests we should get ready to work with AI, revealing future trends for the workplace
By Nicole Kobie
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolen
Capita told the pension provider to “work on the assumption” that data had been stolen
By Ross Kelly
-
Gumtree site code made personal data of users and sellers publicly accessible
News Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
By Connor Jones
-
Pizza chain exposed 100,000 employees' Social Security numbers
News Former and current staff at California Pizza Kitchen potentially burned by hackers
By Danny Bradbury
-
83% of critical infrastructure companies have experienced breaches in the last three years
News Survey finds security practices are weak if not non-existent in critical firms
By Rene Millman
-
Identity Automation launches credential breach monitoring service
News New monitoring solution adds to the firm’s flagship RapidIdentity platform
By Praharsha Anand
-
Neiman Marcus data breach hits 4.6 million customers
News The breach took place last year, but details have only now come to light
By Rene Millman
-
Indiana notifies 750,000 after COVID-19 tracing data accessed
News The state is following up to ensure no information was transferred to bad actors
By Rene Millman
-
Pearson fined $1 million for downplaying severity of 2018 breach
News The SEC found the London-based firm made “misleading statements and omissions” about the intrusion
By Rene Millman