Steam Hacked, Valve Investigating Possible Credit Card Theft
A message sent just now from Valve Corporation head Gabe Newell says credit card numbers and other personal information were inside a database compromised during a defacement attack on the Steam forums this Sunday.
Valve is advising all of its Steam customers to keep close eye on their credit card activity, as those numbers were inside a database the hackers penetrated during the larger attack, Newell wrote. The Steam Forums are currently closed. Steam itself is operating.
"We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating," Newell wrote. "We don't have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely."
The database exposed during the attack "contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information," Newell said in the statement.
The Steam Forums are currently offline as Valve continues its investigation and recovers from the attack. When the forums return, all users will be required to change their passwords. Users who used the same password on the Steam Forums as they did on other sites are advised to change those passwords as well.
"We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn't be a bad idea to change that as well, especially if it is the same as your Steam forum account password." Newell wrote.
"I am truly sorry this happened, and I apologize for the inconvenience," he said.
This is why I never buy online... Best be changing your account info. I feel bad for Gabe.
Sadim-Al-Bouncer;5584057 This is why I never buy online... Best be changing your account info. I feel bad for Gabe.
You have just as much chance having it stolen while buying at a store as you do online.
If there is one company I trust to be transparent and upfront with its customers throughout the investigation, it's Valve. I don't think well have to worry about that, *cough* Sony *cough* .
I wonder if that's just for those who visit the forums... I don't, and I have different passwords for forum/account.
Supa;5584063I wonder if that's just for those who visit the forums... I don't, and I have different passwords for forum/account.
So do I, but I changed my STEAM password anyways. I also have STEAM guard on so that's an added layer of protection (against the account at least).
However it's possible that my Real Name, Address, Credit Card info were also taken. Though at this point they arn't sure.
I'm just a little miffed I didn't hear this from Steam, but rather heard it from ThinkGeek through Twitter. Where's the notification to their customers who don't make use of the Steam forums?
Inyri Forge;5584105I'm just a little miffed I didn't hear this from Steam, but rather heard it from ThinkGeek through Twitter. Where's the notification to their customers who don't make use of the Steam forums?
If you sign into STEAM you should get it as a popup (like the news/game popups they have)
I never log out of Steam unless I shut off my computer, which I don't do daily. Poor communication, in my opinion. There should have been a mass email at the same time they posted on the forums.
Reset your Steam client. You'll get a popup Update News message with the details.
edit: beaten - i was actually in reply queue whilst taking a poo
Well I know about it now. =p
Voice of joy and sunshine
26th May 2003
Meh, once a database is taken it's only a matter of time until someone cracks it. You can try a stupid number of combinations a second with graphics cards these days.
Fortunately I only ever use paypall with steam.