Threatwatch

5-year-old hacks dad’s Xbox account to play prohibited games.

Unauthorized use of user privileges; User accounts compromised; Software vulnerability

“I got nervous. I thought he was going to find out,” Kristoffer Von Hassel said after infiltrating the popular Microsoft gaming system.

It happened just after Christmas 2013, when the kid’s parents noticed Kristoffer was logging into his father's Xbox Live account and playing games he wasn't supposed to be.

He had discovered a “back door” flaw in the login code. Kristoffer showed Dad that when he typed in a wrong password for the account, it clicked to a password verification screen. By typing in space keys, then hitting enter, Kristoffer was able to get in through the back door.

“I thought someone was going to steal the Xbox,” Kristoffer said.

Kristoffers' father, who works in computer security, was one proud papa, ABC reports. His first reaction? "How awesome is that!" Davies said. “Just being 5 years old and being able to find a vulnerability and latch onto that. I thought that was pretty cool.”

This was not the child’s first successful hack. “At age 1, Kristoffer got past the toddler lock screen on a cell phone by holding down the home key,” ABC reports.

Kristoffer will receive four games, $50 and a one year subscription to Xbox Live from Microsoft for his security research contributions.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves. 

sector

Entertainment

reported

April 4, 2014

reported by

ABC 10News

number affected

Unknown

location of breach

California, United States

perpetrators

Child

location of perpetrators

California, United States

date breach occurred

Late December 2013

date breach detected

Late December 2013