IdentityForce Logo IdentityForce Logo
Protect What Matters Most.
Posted on February 3, 2017 by in Data Breach & Technology, Personal

Xbox and PlayStation, two of the biggest video game companies in the world, have been targeted by hackers—and now 2.5 million gamers have potentially had sensitive information stolen. According to security expert Troy Hunt of the website Have I Been Pwned?, Xbox 360 ISO and PSP ISO, forums which host illegal game download files, were hacked in September 2015. Currently, it’s not clear who initiated the breach.

Xbox 360 ISO Breach

  • Number of accounts stolen: 1.2 million
  • What was exposed: E-mail addresses, IP addresses, usernames, passwords

PSP ISO Breach

  • Number of accounts stolen: 1.3 million
  • What was exposed: E-mail addresses, IP addresses, usernames, passwords

Why is this just coming to light now if it happened in 2015? There’s often a long lead time between between a when a breach occurs and the data going public because the hackers are working quietly to see how much money they can make by selling the information. Once it’s served its purpose, they’ll often dump it online on the dark web, and that’s when the public is clued in to what happened.

If you have an account on either of the hacked forums, be sure to change your password immediately. If you use the same or similar login information for any of your other online accounts—e-mail, social media, online banking, etc.—change those passwords as well. Hackers know that while we’re all encouraged to use different login credentials for any online accounts we have, most people are predictable and use the same username and password combinations across the Web. That means if you had your PSP or Xbox forum accounts breached, there’s a chance the hackers used that information to steal even more from you—you just don’t know it yet.

“Often people using seemingly low-security websites don’t enforce good password security because it’s not a financial target,” said Mark James, IT security specialist at ESET, speaking with CNET. “But all data has a value and will be reused for other purposes. Every website should be treated as unique and require different passwords with a mix of usernames if possible.”

Not sure if your information was compromised? Visit Have I Been Pwned? and enter the e-mail address that may be affiliated with your PSP ISO or Xbox 360 ISO account.