It has been discovered by researchers at Philadelphia's Drexel University, that credit card data on older Xbox 360 systems that have been traded in or sold on. Hackers can now retrieve personal information from refurbished Xbox consoles, suggesting consumers exercise more caution with their electronic devices.
Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology
Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.Join Now
"Anyone can freely download a lot of this software, essentially pick up a discarded game console, and have someone's identity," said researcher Ashley Podhradsky. The team has discovered that even restoring your console to factory settings won't remove some of the data stored on the Xbox 360.
"Xbox is not designed to store credit card data locally on the console, and as such seems unlikely credit card data was recovered by the method described. Additionally, when Microsoft refurbishes used consoles we have processes in place to wipe the local hard drives of any other user data. We can assure Xbox owners we take the privacy and security of their personal data very seriously."
Well, there's not much you can do if you've already traded it in. However, for those that haven't yet there's something you can do to wipe your drive. Detach the hard drive from the Xbox 360, hook it up to your computer, and use Darik's Boot and Nuke. This program will delete any contents on the drive it can detect. Or you can always complain to Microsoft to create a better factory restore program.