Microsoft is the one claiming it is a phishing attempt. Personally, I was not phished. At minimum, someone is social engineering information from them and Microsoft is falling for it. Whoever it is was able to make purchases on my LIVE account, whose login information doesn't match any other service I use, and my deleted credit card information was reinstated and used. The rep even acknowledge I had removed the card the previous year, but that didn't matter, it was still retrieved and used through them. I don't even own a damned Xbox, this was an old GFWL account of all things.

I honestly believe more is going on, but again, people accept the "users were phished" response and take Microsoft at their word. Others are blaming EA since the purchases are for FIFA games, but again, my account information is entirely different there (username, password, email).

The point being, nobody is investigating this further or questioning it, despite more and more people losing money and their accounts. The media only like to attack certain companies and often ignore serious issues with others. RPS is pretty much doing the same thing with EA right now.

From what I can tell, Zune and XBOX LIVE are basically the same thing. They share the data, personal info, billing info, and all of that is connected to your Live ID, which you also use to check your Live / Hotmail email account, log on into MSDN / Technet to check out your subscription, download the latest prerelease software from Connect, or visit Microsoft Store online to buy something.

They may keep various parts of that data on different servers / different databases / different levels of protection, but just the fact that everything is connected kind of scares me a little. I've everything on my Live ID account, if that get's hacked into, dunno what I'd do.

I don't really care about 'balance' in reporting the underhanded antics of various companies. If this Origin story is accurate, something needs to be done. And they wonder why people turn into pirates... this is probably the one thing - being locked out of my legally purchased games because of some kind of alleged forum violation - that would make a pirate out of me.

Weak password, a 'friend' on Messenger, mistakenly clicked on a phishing link, same password as somewhere else (DeviantArt, Steam, EA, Bioware, Sony, and some other places that were hacked in the last few years), weak secret question, logging in from a foreign computer...

A hack would basically mean that thousands of thousands users would have been hacked, not just some.

That is true, but my point is it's a different set of circumstances. You can be locked out of Steam but that's for doing things that explicitly go against the terms of the contract. A lot of people may not agree with Steam's methods but it is a contract.

With Origin, you piss off a mod on the forum of a game, get banned and there goes your entire account. I've been online most of my life. Moderators are notoriously trigger happy on those bans.

But if the forum ban connects to your account it's not as easy as another mod coming by and unbanning you. We're talking multiple levels of a big corporation trying to work together to fix something for one person. It's a logistical nightmare.

Erm ... how is an apple different from a pear? They're just not the same - it's not hard to see the difference.

Let me spell it out:

Publisher A gives review code for game B to journalist X - this review code can't be updated & is watermarked so it can't be used as a full copy for future use.

Publisher V (Valve) gives an account for game A, B, C, D, E, F, G, H, I, J even though the journalist X only has to review J. This is tied to Steam and gets updated so it's a full copy that the journalist can keep for personal use. On top of that, if Valve release game K, L, M, N, O, P, Q, R, S, T, U, etc. then journalist X will receive those as well even if he never reviews them.

And you ask me how it's different?

If this article wasn't written by John Walker I'd read it.

I expect you'd change your card info, then basically - live on as normal.

Anyway, persistence of ID does not indicate that the systems are equally vulnerable. While of course a single sign on such as MS practice, does indicate a breach one breach all concept. That's only true if you breach the password, not the system. It's all down to those salted hashes that piss off both attackers and crap programmers.

If someone gets your password for your connected account, you're screwed. So make it a really secure non phishable password. A breach of a system does not mean they have your password, and thus your suggestion of the connecting of the services is likely irrelevant. I'm afraid the point so far has been proven by... Steam ... they got hacked, and said, so what? We'll see about that one, but I doubt MS have a centralised login system, more likely some token passing such as they use in a load of their systems.

It was not meant to be a comparison, but more how Steam is actually using some shady practices of their own, but RPS certainly cannot be bothered to touch any stories related to that service. Some users have been asked to pay more than the initial purchase just to retrieve their account. Others have lost their account not even to billing issues. For others it has simply been locked down, and they are left begging for a reason as Valve never sends one regardless.

Again, this isn't about Valve, just how RPS has a double standard and will ignore problems with one company and constantly attack another, primarily EA. The only reason I even mentioned Valve was someone claimed Steam accounts are never permabanned, which is false.

RPS are incredibly biased, and honeslty, I feel there is more going on than they are saying and/or being told. I honestly doubt someone gets banned for saying e-peen, when I have seen worse on the forum at times.

I agree that there isn't much to worry about, its just a bit scary. :D

Can you give some sources please?

Deleting posts, not cool.

Yes you did.

Wrong user, that was Kurina.

EDIT: her post is not deleted, search for "initial"

I agree that (provided the reports about either service are true) EA's current practice is worse than Steam's current practice. What shouldn't be forgotten though (imho) is that Steam explicitly reserves the right to do exactly the same things like EA (locking you out from your games for any reason that pleases them) through their license. They may not enforce it this way right now, but they can change that current practice whenever they want to, it's all in the license.

Therefore, people who (justly) criticize EA for exercising the power that the customers have given them may want to ask themselves why they have given exactly the same power to Steam.