Steam user database compromised, Newell addresses Steam users

Discussion in 'User Submitted News' started by soulx, Nov 10, 2011.

  1. soulx
    OP

    soulx GBAtemp Legend

    Member
    10,130
    4,707
    Apr 4, 2009
    Canada
    Warning: Spoilers inside!

    Dear Steam Users and Steam Forum Users,

    Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

    We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

    We don't have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

    While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

    We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn't be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

    We will reopen the forums as soon as we can.

    I am truly sorry this happened, and I apologize for the inconvenience.

    Gabe.



    [​IMG] Source

    Glad I activated Steam Guard. All those annoying emails were worth it.
     


  2. Nujui

    Nujui I need something to do.

    Member
    3,933
    129
    Aug 12, 2010
    United States
    Dreamland.
    Didn't know they went that far.

    Haven't really log into steam for sometime, better do it now.
     
  3. 8BitWalugi

    8BitWalugi Taiyohhhhhh!

    Member
    3,323
    190
    Mar 22, 2008
    Side 7
    Am I the only one that's getting really fucking pissed off by these hacks?
     
    1 person likes this.
  4. jamesaa

    jamesaa The Prince of Insufficient Light

    Member
    663
    46
    Jan 8, 2006
    Ah crap, so that's why the forum has been down for the last few days.

    Better go change some passwords, and check my card statements.

    At least I still have steam guard, and my email password is nothing like my Steam password so my account should be safe.
     
  5. Heran Bago

    Heran Bago Where do puyo come from?

    Member
    2,992
    389
    Nov 6, 2005
    United States
    Foggy California
    Hilarious! Good thing I use a unique password for Steam of anything that could conceivably be tied to a card or account!
     
  6. Xuphor

    Xuphor I have lied to all of you. I am deeply sorry.

    Banned
    1,681
    957
    Jul 14, 2007
    United States
    USA
    Glad I was banned from steam years ago, and never used any real information anyway.
     
  7. Prof. 9

    Prof. 9 GBAtemp Fan

    Member
    318
    115
    Jun 17, 2008
    Netherlands
    The Netherlands
    I'm pissed they keep letting themselves get hacked.
     
    2 people like this.
  8. MarkDarkness

    MarkDarkness Deliverator

    Member
    708
    149
    Dec 17, 2009
    Poland
    That's what you get for buying games "legitimately". Not only you don't own the game, you still have your confidential data handled by idiots who will get their asses pwned by someone. Don't know why ever ever choose to trust that shit Steam... I have officially stopped buying from it and removed my personal information from it permanently.
     
    1 person likes this.
  9. Ron

    Ron somehow a weeb now.

    Member
    2,838
    388
    Dec 10, 2009
    Canada
    here
    God, how did this happen?

    Anyways, Gabe Newell is one of the few people in corporate that I respect, he has the guts and courage to come out and admit that something bad has happened, and to apologize for something that was not his fault.

    Good thing I have never bought a paid game on Steam?
     
  10. Ammako

    Ammako GBAtemp Guru

    Member
    6,400
    3,529
    Dec 22, 2009
    Canada
    Good thing I never bought any games on Steam.
     
  11. Thesolcity

    Thesolcity Wherever the light shines, it casts a shadow.

    Member
    2,157
    597
    Oct 2, 2010
    United States
    San Miguel
    Oh fuck
     
  12. soulx
    OP

    soulx GBAtemp Legend

    Member
    10,130
    4,707
    Apr 4, 2009
    Canada
    You guys do realize that your passwords were "hashed and salted" and that the credit card numbers were encrypted.

    Your personal information hasn't necessarily been accessed yet which is why it's in your best interest to change your password now.
     
  13. junkerde

    junkerde Banned

    Banned
    483
    37
    Jan 3, 2011
    United States
    wat about all the games i registered! ALL OF THEM ARE GONNA GET HACKED AND I WONT BE ABLE TO GET THEM??? (changes password) no more panic hahahaha (next day credit card number stolen, dies)
     
  14. baramos

    baramos Advanced Member

    Newcomer
    85
    0
    Dec 16, 2006
    Sounds like they followed good security practices as far as keeping some things encrypted, in different databases, not storing clear text passwords etc.. The fact is no software or firewall is perfect never will be with the modern complexities and any system is potentially at risk as long it is online or comes in contact with anything that has been on a machine that is online like a usb stick, no matter how much you spend just ask the US government :P. But you can follow smart practices like they did to reduce the harm done if a breach does occur as they did. Just change your password sounds like its no big deal at least they actually told us what was up unlike with our pals Sony who took forever. I never got much from steam just a few gifts from friends is it but hearing there security practices makes more personally more confident in purchasing from them in the the future I'll prob hit up there Christmas sale this year.
     
  15. injected11

    injected11 Crescent Freshâ„¢

    Member
    1,776
    48
    Jul 17, 2009
    United States
    (Unchecks the "save credit card info" box on checkout screen)
    Well that was a hard problem to solve...

    Steam took proper precautions to ensure they couldn't get their hands on usable data, and informed us of what happened much quicker than other companies have in the past. People need to read the statement and understand what it says before they start bitching and moaning over something that will have no effect on them at all.
     
    1 person likes this.
  16. deathking

    deathking GBAtemp Advanced Fan

    Member
    647
    18
    Mar 15, 2009
    United States
    As a gesture of goodwill gabe should give out a free game or credit
    steam needs better security.
     
  17. junkerde

    junkerde Banned

    Banned
    483
    37
    Jan 3, 2011
    United States
    (reads quote, still dies.)
     
  18. The Milkman

    The Milkman GBATemp's Official Asshat Milkman

    Member
    3,471
    1,111
    Jan 12, 2011
    United States
    Throwing milk at the bitches!
    Looks like steam pulled a Sony :D
    -ta-ta-ta-dum.
     
  19. MarkDarkness

    MarkDarkness Deliverator

    Member
    708
    149
    Dec 17, 2009
    Poland
    You speak as if you knew the grade of the encryption used. Encryption != everything is fine. Credit card data, in any state, is the highest form of security breach.
     
  20. Ammako

    Ammako GBAtemp Guru

    Member
    6,400
    3,529
    Dec 22, 2009
    Canada
    Steam giving out a free game = Steam giving out free Skyrim almost on release.

    In other words, it won't happen.