Steam Hacked: “They May Have Gotten Your Credit Cards”
- Categories: Games, News
- Date: Nov 11, 2011 19:36 JST
- Tags: Announcements, Crime, DLC, Hacking, Internet, Sony, Technology, Valve
Top PC games developer Valve has joined Sony in being subject to a catastrophic database hack, with the security of customer credit card details and personal information stored on their Steam platform completely compromised.
The official admission seems to have learned something from the lack of candidness which cost Sony so dearly:
Dear Steam Users and Steam Forum Users:
Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.
We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.
While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.
We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.
We will reopen the forums as soon as we can.
I am truly sorry this happened, and I apologize for the inconvenience.
Gabe.
Their inability to state with any certainty what was taken and the potential scope of the hack seem likely to further cement the reputation of data hoarding companies as being incapable of securely storing the personal and financial data they are so keen to gather – although it is not yet clear whether consumers really care about this enough to abandon such services, or have any choice in the matter.
The timing is likely to be particularly menacing to customer confidence in Steam, as November sees variety of high profile PC releases – which more security conscious gamers will likely see the merit in purchasing offline.
Xbox One “Clearly Inferior” To PS4, Sony Stock Surges
Microsoft Unveils Xbox One – “Enjoy Your TV & EA!”
China Quality Crossing: “Cross 100m in 5 Seconds…”
One Piece Cancelled Again as Eiichiro Oda Hospitalised
PS4 Revealed as “Square”
Top 25 Anime Girls Love & Guys Hate
Hyakka Ryoran Samurai Bride Naked Apron Anime
BlazBlue Gets TV Anime
Guilty Gear Xrd Sign: “In 3D & Using The Unreal Engine!?”
Electrifying Mikoto Misaka Figure
Japanese Makeup Terrifying as Ever…
Hentai Ouji to Warawanai Bondage Moe Anime
My Shironeko Can’t be this Cute!
Haganai Movie: “They Aren’t Even Trying!”
Macross Frontier Sheryl Nome Nendoroid
Top 25 Spring 2013 Anime You’ll Keep Watching
Kirino Kousaka One-Piece Dress Figure
Grand Union: “Just Give Up On Square Enix Already…”
Photo Kano Snaps Pussy
Vocaloid China Project “Even Cuter Than Miku!”
Korean Plastic Surgery More Impressive Than Ever
Fancy Frontier 21 Cosplay Fancier Than Ever
Wonder Festival 2013 Winter Cosplay
Ultra-Sexy Babes of Tokyo Auto Salon 2013
“Why Are Seiyuu Such Great Artists As Well?”
Even More Comiket 83 Day 3 Cosplay
Comiket 83 Day 3 Cosplay Cuter Than Ever
Comiket 83 Day 2 Cosplay Has Otaku Wet With Desire
Comiket 83 Day 1 Cosplay Cool As Ever
Chinese Cosplay Pure Quality: “They Even Have Enako!”
ALERT!
THE ENEMY HAS TAKEN OUR INTELLIGENCE!
If the encryption was decently good, then no worries, probably.
If the bad buys have a botnet of PCs with high-end graphics cards which the bad guys can program to decrypt that stolen credit card info, you might start worrying.
Even with a good botnet if the encryption hash is good (SHA1 for example) and your password is at least 8 alphanumeric characters I don't think you have to worry.
That suppose Valve is not like Sony storing your info with no encryption or shitty MD5...
now that your precious "unhackable steam" got hacked you all just trying to downgrade it and make it less worst than it is.
still remember that moron bringin up steam being unhackable to make a point about psn hack. back to you idiot hahahaha, just a matter of time
Nothing is unhackable. So fuck you and all your fucking hacker buddies, you are just an fucking inconvenience to this world. Useless no-lifes.
No choice. I'm an 14 year old recent orphan living in my grandmother's basement. I don't live here because I have a choice.
I like living in my mother's basement too.
Gabe confirmed they use AES256bit encryption for their credit card database.
Encryption that these corporations are using is a joke, it's all well documented, and generally well understood by anyone with a background in engineering security software.
Most of the "strong" encryption algorithms can be cracked by off-the-shelf GPUs at a ridiculously fast rate. Something more serious, as in computational hardware, will have an entire data-base cracked and offload the contents of those credit cards into obscure bank accounts, long before we get a press release about a hack that's occurred.
They could sit there for the rest of their lives and never crack proper encryption and a strong password.
That's why I use virtual credit cards which expire each month. Another way is to have second normal card which you keep empty except when right before you buy
Or.... use PayPal.
Until paypal gets hacked
Something like that already happened years ago.
The best solution will be, to have something install in your body. Specially in your hand or forehead. Just like the Bible says will happen.
Oh shi-
Damn it. I wish they sell those here. :|
That is a very good idea I use one of those walmart cards with only a certain amount of cash for paypal and other online purchases such as Wii channel stuff.
G-D D@MNIT! This is why we can't have nice things
Steam isn't a nice thing. It's a got damn dictatorship destroying the freedom of gaming.
Steam isn't a nice thing. It's a got damn dictatorship destroying the freedom of gaming
Steam isn't a nice thing. It's a got damn dictatorship destroying the freedom of gaming
Steam is not a truck. It's a series of tubes.
Steam isn't a nice thing. It's a got damn dictatorship destroying the freedom of gaming
Steam should send every user a free USB Onchan 8x better than their hand device for each account info was lost on. They got a lot of the online games now so I would put this as very very bad.
THE CAKE WAS A SPY!
I could careless, I don't use that crap for YEARS, but yes, I DO demand the USB Onchan as bonus due headache of hacking!
To bad for you, this is a dogie dog world after all.
I would like to inform you that it's 'I couldn't care less', what you said makes fuck all sense. I'm also gunna guess you say diamond dozen as well....
10/10 would rage again.
Why? Valve didn't need to take Steam down to fix the security hole (the forum) and they had all of the users sensitive data encrypted (unlike Sony).
Getting hacked is pretty much a fact of life. It even happens to the most secure of people.
USB Onchan + biometrics = secure online access.
It gives more time for people to change their passwords before the hackers crack and imitate the biometric data after copying it from server.
Please insert dick to confirm identity. Oh the value of seiyuus will skyrocket.
That's an awesome idea, actually. It would certainly help the affected consumers relieve some of their pain and anger, which would turn all that wasted energy into pleasure. xD
imagine shooting a Portal Gun with the ejaculation button..
Or how about an airsoft or BB gun and a foam cut out of Gabe Newman.
You can relieve your anger by shooting him.
>Newman
It's Gabe Newell.
clever Seinfeld joke?
Yah him lol.
Yes, they should pay you, for the crimes of another. It males perfect sense.
Let me guess, their security should have been better? Still doesn't take away the fact that someone else committed the crime in the first place.
Males? You mean "makes", bro
This is a spelling bee and HE is your JUDGE! Bow to the authority. And spell properly! *whip*
Lol'd @ replying to him because he made a typo. Why don't you spend time correcting all the replies with wrong grammar/wording like you have done with Anon 21:46? The others might get jealous they did not receive such privilege ):
Maybe he really meant "males"
Have to kind of agree. At the very least I'm glad they salted and hashed our passwords and encrypted the credit card info. None of the crap Sony pulled.
Why the fuck would steam store credit card info in the first place. So yes they should pay for the crime of being fucking retarded.
The credit card info was encrypted. Not like in the Sony incident where the information was wide open in plaintext.
Achievement unlocked
All you gotta do is uncheck a box so steam stops storing your credit card information. WAS THAT SO HARD?
It should be the default setting then.
Pretty sure it was; if not, I can confirm for a fact it is now.
Are you alice?
We're not in a wonderfull land here...
Alice ? Who the fuk is Alice ?
I have not heard this song in so long. Now it's stuck in my head. Thanks.
I think that option only stops steam storing your credit card information on that particular computer.