The company said a group posted a list of thousands of email addresses and passwords that could be used across various online sites, including Xbox Live.
“At this time we do not have any evidence Xbox LIVE has been compromised. However we take the security of our service seriously and work on an ongoing basis to improve it against evolving threats,” the company wrote in the Xbox.com forums.
Online group LulzSec has claimed responsibility for the publication of email address and password information.
The group has previously targeted sites by Sony Corp., Nintendo Co., and Bethesda Softworks.
Microsoft in June said it currently holds 35 million Xbox Live members globally. Each spends of average of 60 hours on the service, the company said.