A new Xbox Live bug has been discovered that allows hackers to get the email address of gamertags for Xbox One, Xbox Series X, and Xbox Series S users. At the moment, this seems to be the scope of the exploit, but it seems to have been fixed, but not before a serious bug in the system. This is the only information it was leaking while the breach leaked the email.
Notifications of system bugs are communicated to the motherboard contacted by an anonymous hacker who published the issue to the outlet. The motherboard not only accepted the hacker’s words, but also verified the problem. Meanwhile, another hacker revealed that the bug was found on the Xbox Live Enforcement Portal, a page where Xbox users can contact Microsoft directly.
When Motherboard first asked for comment, Microsoft seemed to downplay this issue as “not meeting MSRC’s standards of service.”
“Email may be considered confidential, but it does not meet MSRC’s standards of service because nothing else identifies the publisher. Therefore, MSRC does not track the issue and leaves it to the product group. We will take mitigation measures as necessary. “
However, after the initial response, Microsoft said that updates were pushed to sprout the problem. Fortunately for Xbox users and Microsoft, the hacker who revealed the bug on Motherboard confirmed that the bug wasn’t published before the fix was published. Email address breaches are not a major security breach, but they can lead to bigger problems such as doxing.
That said, the issue seems to be patched, but it reveals a major question of how vulnerable many of these services are. According to the hackers mentioned above, this was the “easiest vulnerability” they had ever encountered.
Click here for all the details of Xbox, including all the latest news, rumors, and leaks related to Xbox Series X and Xbox Series S. here Or, take a look at the related links below.
H / T, Motherboard..