Microsoft hit by $1.2 million fraud due to HTML code exploit

According to some forum reports, one hacker is claiming to have generated $150-worth of points (at retail value) in around 20 minutes.

Points in the programme can be used for a variety of Xbox 360 extras, including a 48-hour ticket for Xbox 360 Live, the online gaming service for games console users.

The SaveandQuit gaming newswire says that, whilst there have been scam sites offering free points for some time, users that google 'free Microsoft points' will discover that Microsoft really is giving away points.

"Hackers found an algorithm to add to existing, used codes to get new ones. A person would just have to sit back and refresh over and over and rack up the 160MSP codes. Not every code would work, but a majority would", says the newswire, adding that the load on the portal became so great that the site returned 404 'page not available' codes.

The newswire goes on to say that hackers have developed an automated programme to generate points, with postings of the application to Xbox pirating websites like xbox360iso.com.

"Microsoft found out about this exploit and put a stop to it immediately, but internet pirates still had enough time to steal $1.2 million worth of Microsoft Points (according to Beantown Gamer's source)", says the newswire.

"Microsoft has yet to say what they plan on doing about this, but it doesn't seem like there is much they can do other than just bite the bullet on this one", it adds.

Infosecurity notes that scams of this nature tend to be overblown by some forum members, but the scale of the scam and the postings by the Xbox 360 community suggest that many users took advantage of what appears to have been a site HTML coding flaw.

The good news is that some forum members are reporting that Microsoft is working on invalidating the scammed codes, although other people have reportedly cashed in the codes for various rewards.
