Steam user database compromised, Newell addresses Steam users

Discussion in 'User Submitted News' started by soulx, Nov 10, 2011.

  1. soulx
    OP

    Member soulx GBAtemp Legend

    Joined:
    Apr 4, 2009
    Messages:
    10,130
    Country:
    Canada
    Warning: Spoilers inside!

    Dear Steam Users and Steam Forum Users,

    Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

    We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

    We don't have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

    While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

    We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn't be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

    We will reopen the forums as soon as we can.

    I am truly sorry this happened, and I apologize for the inconvenience.

    Gabe.



    [​IMG] Source

    Glad I activated Steam Guard. All those annoying emails were worth it.
     


  2. Nujui

    Member Nujui I need something to do.

    Joined:
    Aug 12, 2010
    Messages:
    3,933
    Location:
    Dreamland.
    Country:
    United States
    Didn't know they went that far.

    Haven't really log into steam for sometime, better do it now.
     
  3. 8BitWalugi

    Member 8BitWalugi Taiyohhhhhh!

    Joined:
    Mar 22, 2008
    Messages:
    3,271
    Location:
    Side 7
    Country:
    Australia
    Am I the only one that's getting really fucking pissed off by these hacks?
     
    1 person likes this.
  4. jamesaa

    Member jamesaa The Prince of Insufficient Light

    Joined:
    Jan 8, 2006
    Messages:
    662
    Country:
    United Kingdom
    Ah crap, so that's why the forum has been down for the last few days.

    Better go change some passwords, and check my card statements.

    At least I still have steam guard, and my email password is nothing like my Steam password so my account should be safe.
     
  5. Heran Bago

    Member Heran Bago Where do puyo come from?

    Joined:
    Nov 6, 2005
    Messages:
    2,846
    Location:
    Foggy California
    Country:
    United States
    Hilarious! Good thing I use a unique password for Steam of anything that could conceivably be tied to a card or account!
     
  6. Xuphor

    Banned Xuphor I have lied to all of you. I am deeply sorry.

    Joined:
    Jul 14, 2007
    Messages:
    1,681
    Location:
    USA
    Country:
    United States
    Glad I was banned from steam years ago, and never used any real information anyway.
     
  7. Prof. 9

    Member Prof. 9 GBAtemp Fan

    Joined:
    Jun 17, 2008
    Messages:
    316
    Location:
    The Netherlands
    Country:
    Netherlands
    I'm pissed they keep letting themselves get hacked.
     
    2 people like this.
  8. MarkDarkness

    Member MarkDarkness Deliverator

    Joined:
    Dec 17, 2009
    Messages:
    692
    Country:
    Poland
    That's what you get for buying games "legitimately". Not only you don't own the game, you still have your confidential data handled by idiots who will get their asses pwned by someone. Don't know why ever ever choose to trust that shit Steam... I have officially stopped buying from it and removed my personal information from it permanently.
     
    1 person likes this.
  9. Ron

    Member Ron somehow a weeb now.

    Joined:
    Dec 10, 2009
    Messages:
    2,837
    Location:
    here
    Country:
    Canada
    God, how did this happen?

    Anyways, Gabe Newell is one of the few people in corporate that I respect, he has the guts and courage to come out and admit that something bad has happened, and to apologize for something that was not his fault.

    Good thing I have never bought a paid game on Steam?
     
  10. Ammako

    Member Ammako GBAtemp Guru

    Joined:
    Dec 22, 2009
    Messages:
    6,372
    Country:
    Canada
    Good thing I never bought any games on Steam.
     
  11. Thesolcity

    Member Thesolcity Wherever the light shines, it casts a shadow.

    Joined:
    Oct 2, 2010
    Messages:
    2,146
    Location:
    San Miguel
    Country:
    United States
  12. soulx
    OP

    Member soulx GBAtemp Legend

    Joined:
    Apr 4, 2009
    Messages:
    10,130
    Country:
    Canada
    You guys do realize that your passwords were "hashed and salted" and that the credit card numbers were encrypted.

    Your personal information hasn't necessarily been accessed yet which is why it's in your best interest to change your password now.
     
  13. junkerde

    Banned junkerde Banned

    Joined:
    Jan 3, 2011
    Messages:
    483
    Country:
    United States
    wat about all the games i registered! ALL OF THEM ARE GONNA GET HACKED AND I WONT BE ABLE TO GET THEM??? (changes password) no more panic hahahaha (next day credit card number stolen, dies)
     
  14. baramos

    Newcomer baramos Advanced Member

    Joined:
    Dec 16, 2006
    Messages:
    85
    Country:
    Sounds like they followed good security practices as far as keeping some things encrypted, in different databases, not storing clear text passwords etc.. The fact is no software or firewall is perfect never will be with the modern complexities and any system is potentially at risk as long it is online or comes in contact with anything that has been on a machine that is online like a usb stick, no matter how much you spend just ask the US government :P. But you can follow smart practices like they did to reduce the harm done if a breach does occur as they did. Just change your password sounds like its no big deal at least they actually told us what was up unlike with our pals Sony who took forever. I never got much from steam just a few gifts from friends is it but hearing there security practices makes more personally more confident in purchasing from them in the the future I'll prob hit up there Christmas sale this year.
     
  15. injected11

    Member injected11 Crescent Freshâ„¢

    Joined:
    Jul 17, 2009
    Messages:
    1,776
    Country:
    United States
    (Unchecks the "save credit card info" box on checkout screen)
    Well that was a hard problem to solve...

    Steam took proper precautions to ensure they couldn't get their hands on usable data, and informed us of what happened much quicker than other companies have in the past. People need to read the statement and understand what it says before they start bitching and moaning over something that will have no effect on them at all.
     
    1 person likes this.
  16. deathking

    Member deathking GBAtemp Advanced Fan

    Joined:
    Mar 15, 2009
    Messages:
    647
    Country:
    United States
    As a gesture of goodwill gabe should give out a free game or credit
    steam needs better security.
     
  17. junkerde

    Banned junkerde Banned

    Joined:
    Jan 3, 2011
    Messages:
    483
    Country:
    United States
    (reads quote, still dies.)
     
  18. The Milkman

    Member The Milkman GBATemp's Official Asshat Milkman

    Joined:
    Jan 12, 2011
    Messages:
    3,471
    Location:
    Throwing milk at the bitches!
    Country:
    United States
    Looks like steam pulled a Sony :D
    -ta-ta-ta-dum.
     
  19. MarkDarkness

    Member MarkDarkness Deliverator

    Joined:
    Dec 17, 2009
    Messages:
    692
    Country:
    Poland
    You speak as if you knew the grade of the encryption used. Encryption != everything is fine. Credit card data, in any state, is the highest form of security breach.
     
  20. Ammako

    Member Ammako GBAtemp Guru

    Joined:
    Dec 22, 2009
    Messages:
    6,372
    Country:
    Canada
    Steam giving out a free game = Steam giving out free Skyrim almost on release.

    In other words, it won't happen.
     

Share This Page