Video game hardware maker Microsoft has issued a statement denying that the hard drives of its Xbox 360 home console stole the credit card data linked to the player accounts.The denial comes after a report from a research group working at Drexel University, who claims that it has managed to get access to the credit card data of previous owners simply by using a set of tools to access the hard drives of refurbished Xbox 360 consoles.
Jim Alkove, who is the manager of interactive entertainment business at Microsoft, states, “We are conducting a thorough investigation into the researchers’ claims. We have requested information that will allow us to investigate the console in question and have still not received the information needed to replicate the researchers’ claims.”
He adds, “Xbox is not designed to store credit card data locally on the console, and as such seems unlikely credit card data was recovered by the method described. Additionally, when Microsoft refurbishes used consoles we have processes in place to wipe the local hard drives of any other user data.”
Microsoft also assures Xbox owners that it handles personal data with care and that it tries to keep it as secure as possible.
The researchers have not made their methods public and it is unlikely that any criminal groups will be able to replicate them in order to access the private information of those who have sold their older consoles back to Microsoft or sent them to be replaced.
Data security has become one of the hot issues of the video game world after April 2011, when the PlayStation Network service from Sony was breached by unknown attackers who managed to gain access to account data that included credit card data.
The PSN was down for more than one month and other video game companies were also hit during the year.