PDA

View Full Version : Steam database hacked. Encrypted credit card information and passwords compromised


Pages : [1] 2

MikeC
11-10-11, 07:03 PM
http://www.pcgamer.com/2011/11/10/steam-database-hacked-encrypted-credit-card-information-and-passwords-compromised/

Valve have just informed us that Steam’s database has been compromised.

An IM is being sent out to all Steam users. Here are the details straight from Gabe:

“Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked.”

Valve are “still investigating” the situation. They mention that there’s been no evidence of illegal credit card activity as yet, and that it’s probably a good idea to change both your Steam passwords. To do that, access Settings from the Steam menu within the client.

Newell signs off his IM with sincerity: “I am truly sorry this happened, and I apologize for the inconvenience.”

Steam joins a long list of high profile targets who have recently been targeted by Hackers. Sony, Codemasters and Bioware have all taken the hit. Valve recently announced Steam Guard, designed to increase account security; Gabe even gave out his password to show off its true power. That makes us extra sad.

Sean_W
11-10-11, 07:08 PM
Yeah, it's sad and someone should find who these people are who are making such high profile attacks.

Mr. Hunt
11-10-11, 08:55 PM
Not happy about this at all... but where are all of those people who laughed at the PSN users that got hacked earlier this year? It sucks, doesn't it? Sucks worse for me since this is the second time it has happened :\.

MUYA
11-10-11, 08:59 PM
Man I find this out when I am at work and I cannot access steam!

bob saget
11-10-11, 09:18 PM
i hope they leave my account alone :bleh:

Bearclaw
11-10-11, 09:26 PM
Not happy about this at all... but where are all of those people who laughed at the PSN users that got hacked earlier this year? It sucks, doesn't it? Sucks worse for me since this is the second time it has happened :\.

I'm right here.

:lol: Still laughing at PSN because the service was down for a whole month.

bacon12
11-10-11, 09:30 PM
Yea checked my CC no charges thus far. So the only confirmed malice was compromising forum accounts thus far.

I don't get why they would attack steam/valve? Sony was to prove a point, and to my knowledge no one has claimed this.

AthlonXP1800
11-10-11, 09:34 PM
I accessed Steam and everything seemed fine. PSN was hacked earlier this year then 4 days ago Xbox was been hacked 4 days ago and money had been nicked from accounts.

http://www.neowin.net/news/xbox-live-accounts-being-compromised-money-taken

So now Steam been hacked, thankfully I checked all my games library and all fine, no money spend or took from my account.

Bah!
11-10-11, 09:34 PM
Not happy about this at all... but where are all of those people who laughed at the PSN users that got hacked earlier this year? It sucks, doesn't it? Sucks worse for me since this is the second time it has happened :\.

You aren't going to get the same reaction from people with this as you did from the PSN hack, even though it's just as bad, if not worse, than that screw up. People love to hate Sony, and Valve can do no wrong.

Just one other reason to not like Steam. Anyone who can hack their databases has access to your entire gaming library!

|MaguS|
11-10-11, 09:49 PM
Yeah where is the outrage like what was directed at Sony? This is far worse then Sony's since almost every account compromised on the Steam hack had a CC tied to it, that was not the case with the PSN Hack.

MUYA
11-10-11, 09:50 PM
Well i just stopped my CC....maybe an over reaction but I just want to be safe

six_storm
11-10-11, 10:13 PM
We already pay for a CC monitoring service, so I'm not worried.

Shamrock
11-10-11, 10:21 PM
On the eve of Skyrim too.

Bearclaw
11-10-11, 10:46 PM
Yeah where is the outrage like what was directed at Sony? This is far worse then Sony's since almost every account compromised on the Steam hack had a CC tied to it, that was not the case with the PSN Hack.

Eh, who knows. Most people, if not all, I know don't keep CC on file.

Ninja Prime
11-10-11, 10:52 PM
Yeah where is the outrage like what was directed at Sony? This is far worse then Sony's since almost every account compromised on the Steam hack had a CC tied to it, that was not the case with the PSN Hack.

Sony waited weeks to tell people about, and then other weeks to tell people the scope of it, and still more weeks to apologise for it.

Bah!
11-10-11, 11:08 PM
Sony waited weeks to tell people about, and then other weeks to tell people the scope of it, and still more weeks to apologise for it.

And for the record Sony took exactly 6 days to tell people...the same time it took Valve. This happened months after the Sony incident and as many as THREE times as many credit cards could have been compromised as well as entire gaming libraries.

Your post is exactly what I was expecting when I made my last post. The fact that this situation is possibly WORSE than the PSN situation and you could still defend Valve while at the same time attack Sony shows just how ridiculous your anti-Sony hate train is.

Anyone who attacked Sony and doesn't do the same here is either a complete moron or a Valve fanboy.

Ninja Prime
11-10-11, 11:16 PM
And for the record Sony took exactly 6 days to tell people...the same time it took Valve. This happened months after the Sony incident and as many as THREE times as many credit cards could have been compromised as well as entire gaming libraries.

Your post is exactly what I was expecting when I made my last post. The fact that this situation is possibly WORSE than the PSN situation and you could still defend Valve while at the same time attack Sony shows just how ridiculous your anti-Sony hate train is.

Anyone who attacked Sony and doesn't do the same here is either a complete moron or a Valve fanboy.

So the 6th to the 10th = 6 days? Wish I was a math wiz like you... What about the rest? They didn't let on the scope of the breach for over 2 weeks.

Furthermore, all steams passwords were hashed and salted, and CCs encrypted, as opposed to sonys moron level plain text file security. It will take months, maybe years just to brute force a handful of CCs. Sonys breach was bad because of their lack of security.

Edit: I'm not trying to defend Steam, getting hacked like this is a major fail. Its just not as bad as Sonys hack, because their security was in order.

Bah!
11-10-11, 11:42 PM
So the 6th to the 10th = 6 days? Wish I was a math wiz like you... What about the rest? They didn't let on the scope of the breach for over 2 weeks.

Furthermore, all steams passwords were hashed and salted, and CCs encrypted, as opposed to sonys moron level plain text file security. It will take months, maybe years just to brute force a handful of CCs. Sonys breach was bad because of their lack of security.

Alright, so 4 1/2 is acceptable to you but 6 is just way out of line?..lol.

And for the scope of what happens with this mess you have no freaking clue. All Valve has done so far is made a post telling people about it and they are still investigating which is what Sony had to do and it took time. Did Valve magically tell you the extent of the breach today?...no, they are investigating and I assure you they won't know the extent for a while.

As far as what was taken you are delusional. The only difference is the PW's, Sonys CC's were all encrypted as well but you had no problem giving them a hard time about that at the time, suddenly encryption matters to you? Never mind the fact that if a hacker gets your information you could lose your entire PC gaming catalog, where on the PSN that would have been impossible.

12 million encrypted CC's were taken from an old PSN database and you start spewing hate, but 33 million are taken from the current Steam database and you are defending it? The vast majority of those 12 million cards from Sony were old and out of date, just about every card on Steam is current!!

Sony lacked security? WTF do you call what just happened to Steam? Six months AFTER what happened to Sony and a dozen other companies!

It's seriously laughable how ridiculous your arguments are in the face of how you acted when this happened to Sony. Look up hypocritical in the dictionary, it probably has your picture next to it.

Ninja Prime
11-10-11, 11:47 PM
Did Valve magically tell you the extent of the breach today?...no, they are investigating and I assure you they won't know the extent for a while...

...12 million encrypted CC's were taken from an old PSN database and you start spewing hate, but 33 million are taken from the current Steam database and you are defending it? The vast majority of those 12 million cards from Sony were old and out of date, just about every card on Steam is current!!

Which is it? Either you know the extent to know those numbers, or you are making crap up, can't have both... Either way, you are wrong. Sorry Bah!, all those times you went down on Sony were for nothing. :(

MUYA
11-11-11, 12:09 AM
I Did the perpetrators actually take CC information or was it just a breach?

Ninja Prime
11-11-11, 12:20 AM
I Did the perpetrators actually take CC information or was it just a breach?

"We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating."

Thats the best answer for now, so probably not, but maybe.

munkus
11-11-11, 10:08 AM
The CC info was encrypted, so even if they did get it, without the key it's useless.

Of course, I shouldn't underestimate hackers.

Sean_W
11-11-11, 10:55 AM
Unfortunately it's a modern day fact of life now. The blame lands fully with the crackers because no system is ever 100% safe.

Albo
11-11-11, 11:16 AM
Awe ****.

bob saget
11-11-11, 11:44 AM
Unfortunately it's a modern day fact of life now. The blame lands fully with the crackers because no system is ever 100% safe.

motherf*ckers!

http://4.bp.blogspot.com/_RAysAk-Q5zQ/TOqsD5-FvPI/AAAAAAAAAS8/GP_nvz4IbBk/s1600/nabisco-ritz-crackers.jpg









sorry :p