Last week, we told you of university research that said it was possible for hackers to extract sensitive personal information – like credit card information – from second hand and refurbished Xboxes.
Microsoft says that particular research is flawed – and that Xboxes don’t even store credit card information on the consoles themselves.
“We are conducting a thorough investigation into the researchers’ claims,” said Microsoft’s manager of interactive entertainment business, Jim Alkove to Joystiq. “We have requested information that will allow us to investigate the console in question and have still not received the information needed to replicate the researchers’ claims.
“Xbox is not designed to store credit card data locally on the console, and as such seems unlikely credit card data was recovered by the method described. Additionally, when Microsoft refurbishes used consoles we have processes in place to wipe the local hard drives of any other user data. We can assure Xbox owners we take the privacy and security of their personal data very seriously.”
I know that Microsoft doesn’t store credit card information on the console itself – and rather on their servers – as anybody who’s ever been subject to automatic renewal and has tried to get their credit card details removed from Microsoft’s servers would attest – but it’s also quite likely that the information’s stored in the system cache – if only temporarily. whatever the case – you might want to hold on to that old console you were planning on flogging.
Who do you believe?
Last Updated: April 2, 2012