Steam Hacked, Valve Urges Credit Card Vigilance

By  |  Thursday, November 10, 2011 at 3:24 pm

Apparently not all game publishers soaked in the lessons from Sony’s Playstation Network hack last April. Valve, which runs the popular Steam PC game service, said one of its databases was compromised over the weekend. The database contained user names, hashed and salted passwords, purchase information, e-mail addresses, billing addresses and encrypted credit card information.

“We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating,” Valve’s co-founder and managing director, Gabe Newell, said in a statement.

Still, Newell told Steam users to watch their credit card statements and activity closely.

The breach stems from an intrusion into Valve’s Steam forums. After investigating, Valve discovered that the hack went beyond the Steam forums, but there’s still no evidence of compromised information beyond a handful of forum accounts.

“We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password,” Newell said.

So, it’s a security blunder on Valve’s part, and now everyone who’s used Steam should probably change their passwords to be on the safe side. Frustrating? Sure, but at least Newell has the humility to do something that took Sony a long time to accomplish: he apologized. “I am truly sorry this happened,” Newell’s statement concludes, “and I apologize for the inconvenience.”

 
4 Comments


Read more: 

4 Comments For This Post

  1. Anon Says:

    FIRST!

    Valve sucks and so does Steam(ing pile).

  2. XFIREZZZ Says:

    no you are a dumb yokel peasant. ^ Anon

  3. Waltman Says:

    Finally my aversion to reading and posing on forums pays off!

  4. Sir Fatty Says:

    Too bad an email wasn’t sent out to the users. If not for this site, I would not have known.

    Also, the password cannot be changed via the Steam website, only through the client. So, at work, I cannot change my password and have to wait until I get home.