|
Your donations keep RPGWatch running!
Just an FYI, Steam was hacked
November 11th, 2011, 01:29
Not sure if this was posted yet and I am sure everyone will know shortly. But as an FYI:
Valve CEO Gabe Newell has contacted all users of the Steam game distribution platform to let them know that the company has suffered a security breach. The hack was originally thought to be limited to the official Steam forums, but further investigation has revealed that the hackers had access to a database containing “user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information.”
That said, they says that they have no evidence that any personally identifiable information was actually taken, and have detected no fraudulent credit card information.
Users of the service are advised to change their passwords and be on the watch for suspicious account activity.
Here’s the notice in its entirety:
Dear Steam Users and Steam Forum Users,
Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.
We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.
While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.
We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.
We will reopen the forums as soon as we can.
I am truly sorry this happened, and I apologize for the inconvenience.
Gabe.
November 11th, 2011, 03:18
Still no message from Steam/Valve about it. Only know about it because of RPGWatch & Slashdot.
It won't even let me change my password in Steam. Its saying "Steam cannot process your request. Please try again later"…
It won't even let me change my password in Steam. Its saying "Steam cannot process your request. Please try again later"…
Watchdog
November 11th, 2011, 03:45
I haven't been contacted.
--
Despite all my rage.
I'm still just a rat in a cage.
Despite all my rage.
I'm still just a rat in a cage.
November 11th, 2011, 11:59
I haven't been contacted. But I haven't been in steam for around a month.
And so far I haven't bought anything there. Just used the voucher I got from them during last year's Games Com, and "bought" a few games and demos which are actually free there.
I'm glad now that I didn't go further so far.
And so far I haven't bought anything there. Just used the voucher I got from them during last year's Games Com, and "bought" a few games and demos which are actually free there.
I'm glad now that I didn't go further so far.
--
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
November 11th, 2011, 12:15
I can't change my password either.
Edit: Nevermind. I just needed to do it again. They must be swamped with people changing their passwords.
Edit: Nevermind. I just needed to do it again. They must be swamped with people changing their passwords.
--
Despite all my rage.
I'm still just a rat in a cage.
Despite all my rage.
I'm still just a rat in a cage.
November 11th, 2011, 13:18
Originally Posted by Alrik FassbauerHence you haven't been "contacted". The message was sent using the Steam pop-up system, so if you aren't using it, you won't have seen it.
I haven't been contacted. But I haven't been in steam for around a month.
--
-= RPGWatch =-
-= RPGWatch =-
November 11th, 2011, 13:47
Ah the bliss of online digital distribution.
So in addition to DRM we get the benefit to worry about stuff like that every once in a while (Not that I do really as I pay them via paypal linked to a debit card from an account
that only has a couple of hundred Euros at most)…
That is why I only buy retail (usually at half the price and I can play them whenever wherever I want) and only give steam money on sales and stuff…
Unfortunately, they are forcing steamworks on us for retail too at an alarming rate lately…
Edit: Just logged in from my macbook. No popup or notification…
So in addition to DRM we get the benefit to worry about stuff like that every once in a while (Not that I do really as I pay them via paypal linked to a debit card from an account
that only has a couple of hundred Euros at most)…
That is why I only buy retail (usually at half the price and I can play them whenever wherever I want) and only give steam money on sales and stuff…
Unfortunately, they are forcing steamworks on us for retail too at an alarming rate lately…
Edit: Just logged in from my macbook. No popup or notification…
Last edited by JonNik; November 11th, 2011 at 14:04.
Reason: Hmm
November 11th, 2011, 14:26
I like cash too for most of my purchases
But yeah, no way to be 100% sure and I do use Amazon extensively, but the debit card/paypal solution does give me a bit of peace of mind…
Anyway, changed my password just in case…
But yeah, no way to be 100% sure and I do use Amazon extensively, but the debit card/paypal solution does give me a bit of peace of mind…
Anyway, changed my password just in case…
November 11th, 2011, 21:53
Thanks for the heads up btw.
You can delete any card you put in the system but that is a day late, so time to watch those statements or call and check them out every week at least.
Putting the notification in a popup is a bit lax on their part. Most people have popups blocked.
You can delete any card you put in the system but that is a day late, so time to watch those statements or call and check them out every week at least.
Putting the notification in a popup is a bit lax on their part. Most people have popups blocked.
--
Bart and Corwin should just admit that when it gets down to it, I will have the final say.
Bart and Corwin should just admit that when it gets down to it, I will have the final say.
November 13th, 2011, 02:44
Shit, again? I had a 1000,- payment on my card when some server got hacked in the past, I should be careful and check this stuff. It's convenient for international payments, but shit… when will we be able to set up secure servers? Probably never.
SasqWatch
|
|
All times are GMT +2. The time now is 07:57.

