Valve head Gabe Newell sent out a message today explaining that the breach of Steam's forums this past Sunday goes beyond the message boards and potentially includes Steam account information.

“We learned that intruders obtained access to a Steam database in addition to the forums,” wrote Newell. “This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked.”

Valve has yet to find evidence of illegal credit card activity, though they are of course investigating into what exactly was compromised in the breach. Anyone with a Steam account should keep a close eye on their credit cards just in case. It would also be a good idea to change your Steam account and forum passwords (they should be different), as well as double-check that you aren’t using those passwords elsewhere on the Internet.

And just to be safe, you may want to reset which computers can authorize your Steam account. Just head to “Settings” (“Preferences” for Mac users). Find the “Accounts” tab and click on “Manage Steam Guard Account Security”. From there you can deauthorize all computers with access to the account and reauthorize them as you see fit.

Steam is up and running, though the forums remain closed after Sunday’s attack.

No word from Valve on any plans for a giveaway-themed apology. The PlayStation Network outage did set a precedent with Sony "making good" by gifting select titles to its users, so I wouldn’t be surprised to find at least a few games up for grabs after Valve sorts this all out.

Source: PC Gamer

POST A COMMENT

34 Comments

View All Comments

  • therealnickdanger - Friday, November 11, 2011 - link

    ... not for Xbox. :) Reply
  • piroroadkill - Monday, November 14, 2011 - link

    But then you'd be using a gimped version, so.. swings and roundabouts... Reply
  • anactoraaron - Saturday, November 12, 2011 - link

    I had a very similar question:

    Why didn't I wait to see that Skyrim is just another poorly done console port before buying the game on Steam? I would have avoided getting this game on my PC and broken ties with Bethesda altogether.
    Reply
  • Proxy711 - Thursday, November 10, 2011 - link

    You make it sound like steam was down this whole time. the only thing that was hacked was the steam forums. You could play your games at all times during and after the attacks.

    I'm impressed it took this long for steam to have a legit attack get thought, you'd think because steam is such a huge network for gamers with a lot of money and CC info being exchanged they would have been targeted more. Shows Valve knows a lot more about network security then sony, since at least they had info encrypted where as sony had it sitting on a server as plain text lol.
    Reply
  • FaaR - Friday, November 11, 2011 - link

    They probably get targetted every single day, with most attacks - hopefully! - rebuffed... To think otherwise is probably giving humanity too much credit, because it's easier to steal from others than becoming successful through your own efforts. And like you say, lots of money flow through Steam, and the prospect of laying hands on tons of dough is a huge scum-magnet. Reply
  • mi1stormilst - Thursday, November 10, 2011 - link

    Valve has been hacked before ... let's not for get the whole Half Life 2 fiasco ... it is starting to feel like no one is safe anywhere using the internet. Reply
  • Paul Tarnowski - Thursday, November 10, 2011 - link

    What? You're figuring this out just now? Seriously? Reply
  • silverblue - Friday, November 11, 2011 - link

    Steam maintained that the only way someone can get access to your account was down to user carelessness. Funny how someone else got my credentials and it became my fault... and took them a month to sort it out. Hell, they were insistent on having the product key off the HL2 Silver box that I didn't have considering I downloaded it directly from them.

    /rant
    Reply
  • gevorg - Thursday, November 10, 2011 - link

    Hi Kids!

    Call your credit card company and change CC numbers.
    Reply
  • Proxy711 - Thursday, November 10, 2011 - link

    They got encrypted CC info so its not like they can just take that data and start buying mass amounts of porn. (*wonders why that's all anyone does with stolen CC numbers*)

    Use paypal for payments. I'd rather have 1 site know my CC info then 50 other online stores.
    Reply

Log in

Don't have an account? Sign up now