Xbox security flaw discovered by five-year-old child

Support truly
independent journalism

Support Now

Find out moreClose

Our mission is to deliver unbiased, fact-based reporting that holds power to account and exposes the truth.

Whether $5 or $50, every contribution counts.

Support us to deliver journalism without an agenda.

Louise Thomas

Editor

A five-year-old child has been praised by Microsoft after discovering a flaw in the security system of their Xbox Live service that allowed him to hack into his father's account without needing a password.

Kristoffer Von Hassel managed to log in to his father's Xbox Live account. When the password log-in screen appeared, he simply pressed the space button a few times and hit enter.

In doing so he managed to enter the system through a back door without needing to enter a password.

"I got nervous. I thought he was going to find out," Kristoffer told television station KGTV.

"I thought someone was going to steal the Xbox."

His father Robert Davies, who works in security in San Diego, said he had noticed his son playing games he supposedly couldn't access.

Mr Davies said he reported the issue to Microsoft, which fixed the bug and listed Kristoffer on its website as a "security researcher."

Microsoft has since fixed the flaw and added Kristoffer to a list of recognised security researchers.

A Microsoft statement says "we take security seriously" and thanks customers for highlighting issues.