Joseph_Joestar wrote on Today, 17:05:
Xbox user has account deleted by Microsoft and loses 25 years of purchases
One of the perils of an all-digital future. Get your account banned and lose thousands of dollars worth of games, movies etc.
Oof... that is awful. It is horrible that these companies don't have a better process set up to fix this. I mean, if they are still bothering to email you to tell you what they are doing then they must have at least some slight confidence that the email is going to reach the legitimate account holder. Feels like it should be illegal for companies to do anything that is "irreversible" that causes a loss of an account, personal info or purchases. Everything should be reversible with the right verification. You can bet if this happened to a high ranking MS employee they would find a way to reverse it. I mean, if I live next door to Microsoft's headquarters and I can literally go up to their front desk, hand them my proof of address, show them my house, invite them in for coffee and then say "See, this is the address you have listed for my account. IT IS ME!" , it is completely absurd that they would be unable to reverse an account closure like this.
I am not going to blame the victim here, because this is absolutely ridiculous conduct for a corporation the size of MS, but the email he got does mention that unauthorized access was confirmed. So, there was likely some kind of security breach of his account that lead to this.
This is a good time for everyone to give their most valuable accounts (phone, banking, internet, email, google, apple, microsoft, steam, etc.) a security checkup. One thing to make sure that you do (that hasn't always been available) is to set up a SIM lock or SIM swap protection on your phone line. You can usually either call your provider or go to wherever you manage security settings for your account online. Doing this basically prevents SIM swaps entirely, so if you end up needing to do a SIM swap you have to go back in and change it first. Absolutely everyone should do this unless you are constantly swapping SIMs for some reason (and in that case, one might argue that you should not use that number for any kind of 2FA). I know that simply not using text\phone for 2FA has been a recommendation for a long time, but preventing SIM swapping alleviates most of those worries. Also, a lot of places still use it as their main 2FA method.
Another thing to consider is setting up one or more brand new email accounts that you use ONLY for those important accounts. That way your login info, 2FA emails and other account related things are associated with an address that isn't used anywhere else online and has little or no "trail" around the internet. You can also have the strictest, most secure multi-factor authentication set up on the new email account(s) possibly even have it set up so that it doesn't stay logged in on any devices or doesn't have the password saved anywhere.
I would say that if you want to avoid having an account with scads of valuable purchases\data shut down, the #1 way to avoid it is to not use these accounts at all, but the #2 way to avoid it would be to do everything in your power to prevent unauthorized access to your accounts. That is the main reason that companies do this to people, at least from what I have seen.
Now for some blitting from the back buffer.