Valve Admits Steam Intrusion, No Current Evidence of Fraud

  • 154 results
  • 1
  • 2
  • 3
  • 4
Posted by patrickklepek (4004 posts) -
Steam's message boards were compromised Sunday, and it's been investigating since.

It’s one thing when a message board gets compromised, it’s quite another when it’s one of the most popular services amongst PC users.

An unidentified user or group of users gained access to the Steam message boards on Sunday, and subsequently “obtained access to a Steam database in addition to the forums,” the company said today.

The statement, signed by founder Gabe Newell, claims the company has found no evidence of credit card fraud, but recommends users to monitor their financial accounts closely. Even if you didn’t have an account on the Steam message boards, Valve recommends changing your password.

“I am truly sorry this happened, and I apologize for the inconvenience,” said Newell.”

Users accessed “a Steam database in addition to the forums” that had user names, hashed and salted passwords, game purchases, email addresses, billing addresses, and encrypted credit card information.There is currently no evidence the credit card information has been decrypted, and Valve is “still investigating.”

Only a few message board accounts were reportedly compromised, and they “do not know of any compromised Steam accounts” at this time.

Basically, change your password. If Valve issues further updates, I’ll let you know.

Staff
#1 Posted by patrickklepek (4004 posts) -
Steam's message boards were compromised Sunday, and it's been investigating since.

It’s one thing when a message board gets compromised, it’s quite another when it’s one of the most popular services amongst PC users.

An unidentified user or group of users gained access to the Steam message boards on Sunday, and subsequently “obtained access to a Steam database in addition to the forums,” the company said today.

The statement, signed by founder Gabe Newell, claims the company has found no evidence of credit card fraud, but recommends users to monitor their financial accounts closely. Even if you didn’t have an account on the Steam message boards, Valve recommends changing your password.

“I am truly sorry this happened, and I apologize for the inconvenience,” said Newell.”

Users accessed “a Steam database in addition to the forums” that had user names, hashed and salted passwords, game purchases, email addresses, billing addresses, and encrypted credit card information.There is currently no evidence the credit card information has been decrypted, and Valve is “still investigating.”

Only a few message board accounts were reportedly compromised, and they “do not know of any compromised Steam accounts” at this time.

Basically, change your password. If Valve issues further updates, I’ll let you know.

Staff
#2 Posted by Zor (654 posts) -

eep, better change my password, but i guess it also a good thing that i don't use the forums there.

#3 Posted by RockinKemosabe (619 posts) -

Damn you hackers!

#4 Posted by CharlesAlanRatliff (5406 posts) -

Thanks for the update! I'll go change it now before resuming Snake Eater HD.

#5 Posted by Shmio (21 posts) -

Does this mean BF3 is coming to steam?

#6 Posted by addix (37 posts) -

Well, off to change my password.

#7 Posted by BonOrbitz (2182 posts) -

Whoob-boo-boo-boo-boo! I know what I'm doing when I get home tonight.

#8 Edited by Ares42 (2611 posts) -

Hmm, went to change password and got "Steam cannot process your request" error repeatedly =/

#9 Posted by AhmadMetallic (18955 posts) -

wow. 
 
shit.

#10 Posted by Jeffk38uk (715 posts) -

Changed it as a precaution as mentioned and its unfortunate for any business to be hacked like this.

#11 Posted by forkboy (1128 posts) -

Wish it would let me change my password.

#12 Posted by artofwar420 (6277 posts) -

Thanks for the heads up.

#13 Posted by MeatSim (10823 posts) -

Can't hurt to change your password.

#14 Posted by Rhete (18 posts) -

Well, I have Steam guard on so they'd E-mail me if anyone tried to use my account. Plus I only use that password with Steam. Plus Steam didn't have my credit card number. So personally, I'm not too worried, but this news does suck in general.

#15 Posted by BisonHero (6407 posts) -

@Ares42 said:

Hmm, went to change password and got "Steam cannot process your request" error repeatedly =/

I believe it gives you that error even if their servers are fine, but you're typing in your password incorrectly.

#16 Posted by DaemonBlack (342 posts) -

Thanks for the info Patrick.

#17 Posted by Vitor (2815 posts) -
#18 Posted by Mr_Skeleton (5140 posts) -

They should have Pulled a Sony and ignore this for a week.

#19 Posted by Brian333 (43 posts) -

!@#@U#!@#*!#%*!#@(@#!*(&*@*@@10_**&^%@!&!

In the time-tested and revered words of Samuel L. Jackson "God dammit! I hate this hacker crap!

#20 Posted by devilzrule27 (1239 posts) -

@Mr_Skeleton: Given it happened on Sunday and we are finding out about it on Thursday, they kinda did.

#21 Posted by Draugen (636 posts) -

Man, I'm so sick of these thieving bastards.

#22 Posted by VibratingDonkey (873 posts) -

May not be necessary as I have unique passwords and in this case a different email, but changing your Steam password (and don't forget your security question) only takes like a minute, so, might as well.

The forums are currently down and you'll be forced to change your password during your next login.

#23 Posted by PinkSoda (88 posts) -

Oh them silly hackers.

#24 Posted by MrAristocrates (194 posts) -

@Mr_Skeleton: That's not what happene-Whatever. I was sick of dealing with this crap back in May.

#25 Posted by Winsord (1201 posts) -

Unable to change passwords for the time being, which I guess makes sense as the infiltrators could pull a fast one. Ugh, these intrusions happening more and more frequently is really quite bothersome, and pretty freaky when it happens to a service that you've got personal details or financial details attached to. I really hope this wasn't a poor security issue on Valve's side... or do I? If they had strong security and people still got in, that's bad, but having a weak defense and people getting in is also bad; no winning here.

#26 Posted by Nihilius (168 posts) -

Changed password, but I forgot how to alter Credit/Debit cards.

#27 Posted by jasonefmonk (350 posts) -

@MrAristocrates said:

@Mr_Skeleton: That's not what happene-Whatever. I was sick of dealing with this crap back in May.

Misinformation spreads better than the reliable kind.

#28 Edited by Poki3 (525 posts) -

You shouldn't be worried about your Steam account if you confirmed your email address. Steam will send you an email with a code you need to enter if you try loging in from a location steam doesn't recognize.

That said, if you use the same password anywhere else or have the same email password... Credit card information is also compromised. Though if everything was hashed, salted and encrypted chances anyone gets any real use out of it is pretty low. Better safe then sorry, I might request a new credit card... again -_-

Getting tired of changing my passwords though. First Kotaku, then Sony, now Valve. Getting sick of this "cyber terrorism" crap. Go back to finding way to phone for free...

#29 Posted by DjCmeP (1148 posts) -

Changed my password for a more secure one. I didn't have a forum account but better be safe...

#30 Posted by ervonymous (1297 posts) -

Steam Guard keeping me safe, too bad about the credit cards though..

#31 Posted by boxing_hobo (24 posts) -

See sony this How you do it

#32 Posted by VicRattlehead (1398 posts) -

its a huge bummer that video game networks are getting targeted like this, i hope giantbomb is taking precautions with our data just incase

#33 Posted by NoelVeiga (1091 posts) -

Oh, wow, I'm really proud at the measured and quiet response of everyone on the Internet about this. People are really taking it well and not freaking out before an actual problem happens. We must be growing up as a community, getting more mature.

...

Or the narrative that everybody has been adhering to for the last year or so has suddenly become contradictory with reality and the massive shock of cognitive dissonance has resulted in either silence or uncomfortable rationalization.

But most likely maturity.

#34 Posted by Kowalo (90 posts) -

Password changed, thanks for the heads up.

#35 Posted by Winternet (8012 posts) -

Changed the password and then remembered: I don't have an account on the Steam forums. Oh well.

#36 Posted by RuthLoose (802 posts) -

Good on them for not taking days to get the word out.

#37 Posted by MaFoLu (1858 posts) -

So this is where people start saying the Xbox is the best platform because it's totally safe?

#38 Posted by thirteenyahs (128 posts) -

@Winternet said:

Changed the password and then remembered: I don't have an account on the Steam forums. Oh well.

Same here. I'm shocked that I don't have a steam forum account.

#39 Posted by Superfriend (1541 posts) -

Fuck everybody involved in this. Honestly. I have to change a lot of my passwords every month now and I´m constantly forced to monitor credit card activity because these assholes can´t keep their shit together. Oh and the hackers are no better either. Fuck em. They can all die and rot to a pile of dirt for all I care.

#40 Posted by Rhaknar (5939 posts) -

sigh, changed my pass...now Steam says its wrong...whut? And Skyrim is out in half an hour, yay

#41 Posted by Enigma777 (6070 posts) -

Hey guys, remember when Sony got hacked and people were saying this would never happen to a "proper" service like Steam?

#42 Posted by Nights (609 posts) -

National conspiracy to help fuel the "need" for a privately owned, centralized login system!

Or people are just assholes.

#43 Posted by Nihilius (168 posts) -

@Pr1mus: Ah ok, thanks. It seems I don't have any cards attached which is a good sign. I usually use paypal.

#44 Posted by mistergrieves (24 posts) -

oh damn.

#45 Posted by Otzlowe (337 posts) -

I honestly hate the people who are okay with pulling shit like this. The internet is a cesspool, I get that, but these people are probably pissing in the pool that they swim in.

I'd change my password too, but Steam currently won't process the request. =/

#46 Posted by Parsnip (1082 posts) -

Well, at least it's hashed and encrypted, unlike PSN was.

#47 Posted by Ironlink (43 posts) -

At times like these, I am happy that I use KeePass and unique, random passwords for every site. Now, I only need to change one password.

#48 Posted by mewarmo990 (835 posts) -

I've always used PayPal for all my Steam purchases, so at least I don't have to worry about CC info. Still gonna update my passwords.

#49 Posted by BabyChooChoo (4362 posts) -

@bonorbitz said:

Whoob-boo-boo-boo-boo! I know what I'm doing when I get home tonight.

...listening to dubstep?

#50 Posted by Fuga (206 posts) -

steam is dead

This edit will also create new pages on Giant Bomb for:

Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.

Comment and Save

Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.