Steam Database Hacked, Credit Card Information Accessed
When the Steam forums were hacked on November 6th, it seemed like a minor inconvenience. Hacking group Fknownd put up ads and sent e-mails to forum users advertising their website.
Today, however, Steam customers received another, more troubling e-mail. Written by Valve CEO Gabe Newell, the missive revealed the hack’s true impact. According to Newell, “intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information.”
The final revelation is obviously the most troubling. Though Newell goes on to assure customers that Steam does not “have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked,” there is a distinct possibility that financial data has indeed been stolen. While Valve doesn’t “have evidence of credit card misuse at this time,” the potential for future misuse is both real and worrisome.
In the conclusion to the e-mail, Newell advises Steam Forum users to monitor credit card activity and change passwords where appropriate. At this point, only Forum accounts — not Steam accounts — have been compromised, so users will not be required to reset Steam passwords.
Since its launch in 2003, Steam’s ease of use and PC-friendly philosophy have made it one of the most trusted brands in gaming. Today’s disturbing developments underscore the sad reality that no network, no matter how large or well-funded, is 100% safe from the attentions of online hacking groups. GameFront will continue to monitor this situation and provide useful information as it becomes available. Until then, as Newell recommends, Steam users should keep an eye on their bank accounts and change the relevant passwords.