You know how things that are too good to be true usually are? Well, if you purchased a bunch of Microsoft Points on the cheap from eBay, Craigslist, or somewhere else in the secondhand market, there's a good chance they were falsely generated. Hackers figured out an algorithm to add to existing, used codes to get new MS points in 160-point increments. Hitting refresh would keeping adding to the total.
According to SaveAndQuitGaming.com, there was a program floating around seedier sides of the Web that would get the codes for you. With it, you could choose between a code for 160 Microsoft Points, a Halo Reach Banshee avatar prop, or a 48-hour Xbox Live trial. Microsoft was quick patch things up once it found out about the exploit, but not before less scrupulous users took Microsoft for an expensive ride.
The estimated worth of falsely generated Microsoft Points was originally reported as $1.2 million, a number Microsoft disputes. Microsoft wouldn't say exactly how much was stolen, only that it was "nowhere near" that figure.