Newell: November Security Breach Included Encrypted Credit Card Info, Billing Addresses
Keep an eye on your credit card statements, says Valve founder Gabe Newell. Just in case.
Newell and Valve just issued an email to Steam users detailing Valve’s discovery that a security breach last year probably included the theft of a backup file that included information on Steam transactions from between 2004 and 2008. Newell said the file contained a bunch of sensitive information: “user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords.”
Don’t panic just yet, however:
“We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised,” Newell writes. “However as I said in November it’s a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well.”
Newell also said that Valve is still investigating the breach and working with law enforcement authorities as well. The security breach actually occurred back in November and involved a hack to the Steam forums. This latest update makes it a little clearer what exactly got taken — the billing addresses is new information, as are the dates those transactions took place — but this isn’t too much different from what Valve made public back in November.
Steam users who conducted transactions during 2004 and 2008 should obviously watch their credit card and bank statements for suspicious activity and contact their financial institutions immediately upon noticing anything fishy, and then contact Valve and let them know, too. I’m not sure if that’ll actually help, but any information Valve can get to law enforcement officials about potential identity theft is probably helpful in the grand scheme — and in keeping people from getting ripped off.