PSA: Steam Hacked, User Info May Be Stolen, But Personal Data Safe

Valve CEO Gabe Newell has contacted all users of the Steam game distribution platform to let them know that the company has suffered a security breach. The hack was originally thought to be limited to the official Steam forums, but further investigation has revealed that the hackers had access to a database containing “user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information.”

That said, they says that they have no evidence that any personally identifiable information was actually taken, and have detected no fraudulent credit card information.

Users of the service are advised to change their passwords and be on the watch for suspicious account activity.

Here’s the notice in its entirety:

--------------------------------------------------------------------------------
Dear Steam Users and Steam Forum Users,

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

We will reopen the forums as soon as we can.

I am truly sorry this happened, and I apologize for the inconvenience.

Gabe.


Tags: security, Steam
http://techcrunch.com/2011/11/10/ps...ed&utm_campaign=Feed:+Techcrunch+(TechCrunch)


Comment: Sorry wrong forum, but any steam users beware. But the government will probably say this is more evidence they have to be in control, while their is no bigger threat to Americans than them. After all our AAE backed intel agencies where behind 911 and the terrorists we face.

 

Hmm I should check my steam account.

 

This is why I have a huge problem with such things as Steam and forced online DRM(which is the really the entire reason Steam exists beyond convenience of direct-to-drive purchasing, etc).

The game companies are so obsessed with protecting their intellectual property that they are willing to place millions of us at economic risk in order to maintain control of their property.

Anything you purchase online should be made with a one time use prepaid card, and should never be used with any card that is attached directly to your bank account.

I never make online purchases with my main cards, always with pre-paid cards because if they get those numbers, well all they are getting is an empty account. Be smart people, the internet is not secure at all. Never place anything at risk and trust no one to keep your account information safe!

 

It's only gonna get worse...

Cyber Hacking Likely to Grow in Frequency, Sophistication
September 10, 2015 WASHINGTON— The lines between cybercrime and espionage are blurring, and unless the United States takes the lead in establishing international norms of online behavior, the frequency and sophistication of cyber hacking attacks will increase, according to leaders of the U.S. intelligence community.

 

Only thing worse than hacking is bumping a 4 year old thread.

 

Damnit Waltky you had me panicked for a minute there.

 

Steam has been hacked many times since this original article