$1.2 Million Worth of MS Points Taken After Hackers Figure Out Code Algorithm

The Save and Quit blog reports that a group of hackers figured out the algorithm behind a set of promotional codes that were each redeemable for 160 MS points, the currency used on Xbox Live. Quoting: "A person would just have to sit back and refresh over and over and rack up the 160MSP codes. Not every code would work, but a majority would. The site started to 404 due to the heavy traffic. If you have closer ties to the pirating community, you could find a program to get the codes for you. ... This method took a little more work out of the user, but it was still simple enough for a 12 year old to figure out. ... Microsoft found out about this exploit and put a stop to it immediately, but internet pirates still had enough time to steal $1.2 million worth of Microsoft Points."

Boggles the mind

[TheSpoom]

Why weren't these codes completely random? Why don't they have a database of valid and used codes, where codes only get inserted when they're printed on cards that are then shipped to stores? Perhaps most importantly, why would you EVER have a public web-accessible interface to generate codes on the fly?

Re:$1.2 million worth of Microsoft Points

[semiotec]

In case you've never come across this before, it can also be used to point out when something is ridiculously low or worthless, as I believe is the intention of the original post, that at least in his/her opinions MS points are worthless, specifically that even though they are technically worth $1.2 million, there's very little you can buy with them.