Don’t Steal This: Xbox 360 Thief Tracked by Gamertag
By Matt Peckham
If you steal an Xbox 360, don’t forget to disable the auto sign-in feature before going online. That’s the lesson high-tech crooks are probably gleaning from today’s New York Post brief about a thief, 22-year-old Jeremy Gilliam, apprehended after logging into Xbox LIVE with his victim’s online game id.
Xbox LIVE requires a unique identifier known as a Gamertag, similar to an instant messaging id. The owner of the stolen Xbox 360 noticed his Gamertag was logged in without his permission, then told his parents, who contacted police. Detectives on the case ostensibly worked with Microsoft to get the stolen Xbox 360’s IP address, then followed the digital breadcrumb trail back through the ISP used by Gilliam at the time. That led them to Gilliam’s grandmother’s house, where they discovered a trove of pilfered games, laptops, and satnavs reportedly accumulated from hundreds of vehicle break-ins and multiple home burglaries.
Gilliam was already in the investigatory hotseat for stealing over a dozen unlocked cars, and according to the Post, he’s now been charged with grand larceny.
It’s not clear whether he logged in manually or automatically, or for how long the incriminating Gamertag was active, but an internet connection with an Ethernet cable or Microsoft’s wireless USB dongle is required to access Xbox LIVE, so it’s a safe bet he was online intentionally.
Gamertags aren’t the only way Microsoft can trace Xbox 360s. Each system has a unique identifier that’s passed to Microsoft when you sign into Xbox LIVE. It’s that identifier that allows Microsoft to give some of us in the press access to features ahead of the general public. Logic dictates Microsoft could match IP addresses to identifiers, thereby allowing someone whose Xbox 360 was stolen to trace it, were Microsoft made aware of the theft, and should the perp log into Xbox LIVE–with or without an incriminating Gamertag.
I’m pretty sure Microsoft doesn’t support system id tracking at this time. For that matter, most people probably don’t write down their system’s serial number. But if they did, speaking hypothetically, Microsoft could trace stolen systems on that basis alone (the complexities of juggling irate customers, the police, and fiercely independent internet service providers notwithstanding, of course).
One of my friends had an Xbox 360 stolen from under his nose. He was just outside his apartment when it happened and heard the thieves through the ground floor window but didn’t make it inside quick enough to see or stop them. Afterward, I helped him download his Gamertag to a new system: To date, several years along, no one’s popped up on his login radar, meaning the id’s almost certainly been wiped and replaced with another. Had we recorded the serial number, and were Microsoft to offer a tracking service, however, we’d probably have come acoss it by now.