Microsoft to invalidate MS Points 'stolen' via exploit

A couple of days ago, a forum user on the website The Tech Game posted instructions about how to use an exploit that allowed users to generate codes for Microsoft Points on Xbox Live.

Microsoft has since released a statement indicating that it is investigating the situation, intends to invalidate the illegitimately-generated codes, and is looking into punishing those who participated in the exploit.

"Our Policy and Enforcement team is evaluating whether or not certain individuals have violated the Terms of Use for Xbox Live and will take the appropriate enforcement on an individual basis," reads the official statement. "Codes obtained legitimately by users will not be impacted."

Though Microsoft discovered the exploit within hours, many news sites initially estimated that around $1.2 million worth of codes were 'stolen.' According to a report on Gamasutra, Microsoft asserts that the $1.2M figure is far too high. "We can't share specific numbers, but the figure is nowhere near the amount that has been reported," they insisted.

It's not entirely clear how Microsoft intends to penalize those who've obtained MS Points via the exploit, exactly - though we suspect there might be some clues within Xbox Live's 'Terms of Use' and 'Code of Conduct' documentation.