Steam hacked.

[Haggis and tatties]

I am getting really sick of these little wasters hacking everything...if its not places like amazon or Play its the PSN.......and now its steams turn.

Steam hacked

 

[SPCTRE]

Jeez, not again.

 

[Robert Maxwell]

Oh, goddammit.

 

[SPCTRE]

The following is being IM’d to the Steam user base.
———————-
Dear Steam Users and Steam Forum Users,
Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.
We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.
While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.
We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.
We will reopen the forums as soon as we can.
I am truly sorry this happened, and I apologize for the inconvenience.
Gabe.
​

http://www.rockpapershotgun.com/2011/11/10/steam-hacked/#more-81770

 

[TheGodBen]

I know that the passwords were hashed, but I changed it last night anyway just to be sure. Hopefully the worst that will happen is some increased spam mail.

 

[Alidar Jarok]

Yeah, this is a better safe than sorry type situation. It doesn't appear your password or credit card info was seriously threatened, but I changed my password anyway.

 

[Itisnotlogical]

Good thing I haven't actually bought anything on Steam yet. Both of the Steam games I have are part of free promotions, and neither of them work well on my computer anyway.

 

[captcalhoun]

motherfuckers

 

[Chaos Descending]

This is really torquing me off.

First I haven't even been able to log in to Steam for over a week and a half (even though it worked fine one day and didn't work later the same day, Steam insists the problem is on my end), so NONE of the 10 or 15 games I have bought on Steam are playable, but NOW maybe someone horked my credit card info from Steam as well?

I'm almost done with online business transactions PERIOD.

ETA: HA! HA HA HA!!! Now, today of all days, Steam decides to connect, just as I made it into the closed Beta for SWTOR and have no time for any of my Steam games. Figures!

 

[Owain Taggart]

I haven't used Steam in such a long time that it says I haven't used Steam on this computer, but that's wrong as I have a few things installed. I've only ever bought one game from there though. I should probably still change my password.

 

[Reverend]

Bugger.

Sounds like a good a time as any to activate this new credit card that's been sat on my desk all week. Good thing I didn't do what I was supposed to and activate it right away!

I've also changed my password to something damn near unbreakable and changed the secret question too. I'm in no mood to have to have to get on the phone to a call centre in Bangalore and explain why some bloke in Easter Europe just maxed out my balance.

 

[Ryan]

It's screwed up I had to hear this first from general news sites rather than from an email from Steam.

 

[Owain Taggart]

Yeah, I didn't get an email either. Lots of people haven't apparently. I know lots of people gave Sony some heck, but I think they handled it well compared to this.

 

[John Clark]

I haven't received an email either. I haven't even tried to log on for a few days but there are very few of my details on their system anyway.

 

[Alidar Jarok]

BTW, if you have separate email and steam passwords, a hacker can't access your steam account unless he has both (or is physically using your computer) thanks to Steam Guard.

 

[Reverend]

I got a pop-up notice when I logged onto Steam. I'd say that's better than an email for me. Also, there's no comparison between this and what happened with Sony. Steam was never down, just the community forums (oh what a great tragedy) and I'm pretty sure they were back up within a day. From what I gather, Sony customers were shut out and left in the dark for *weeks*.

 

[The Dominion]

I don't even know my password to change it.

 

[auntiehill]

I got an email from them; changed my password right away. I will be keeping my eye on my accounts just in case. I think I've only bought one game from them in the past two or three years; all of the others have been gifted from other people.

 

[Owain Taggart]

I got a pop-up notice when I logged onto Steam. I'd say that's better than an email for me. Also, there's no comparison between this and what happened with Sony. Steam was never down, just the community forums (oh what a great tragedy) and I'm pretty sure they were back up within a day. From what I gather, Sony customers were shut out and left in the dark for *weeks*.

That's great if you log into Steam often enough that you wouldn't need an email. For the general public though, they wouldn't notice that anything ever went on. Say what you will about Sony, but at least emails were sent to everybody and everybody was aware of it. I'm only drawing comparisons on the email end of things, not the rest. At least they kept people in the loop.

 

[Ryan]

I played a game for the first time in ages and finally got a popup notice about the breach after quitting. Very classy Valve! It's nice to see you take the possible breach of your customers' credit card info/passwords serious enough to not bother notifying those who aren't actively using Steam.