Steam Hacked- Newell Says ‘Watch Your Credit Card’November 11, 2011
If you haven’t heard yet, Valve’s online digital store, forums, game library and multiplayer network have officially been hacked. According to a press release by Gabe Newell, founder of Steam Software, the attack started as a “defacement” of the forums and got out of control from there. The people responsible for hacking the Steam forums have not yet been identified, nor have their motivations for the hack.
From the press release:
“We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.
While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.
We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.”
In summary, if you use Steam, your credit card could be compromised, so keep a close eye on it in the coming weeks. Does this sound familiar? To anyone who uses Sony’s PSN it sure would- that service was hacked back in April, and credit card info was apparently compromised. In that PR nightmare scenario, Sony gave away free games, 3 months of Playstation Plus and free Identity Theft protection from AllClear. Will Steam do the same? I guess it’s a small consolation that if your PSN info got hacked, at least your AllClear 1 year Identity Theft Protection (assuming you cashed it in) is still valid. So if something happens to your credit card from the Valve hack, AllClear should let you know. Will this become a yearly ritual as online “cloud” gaming and digital distribution becomes more popular? Let’s hope not. Even more so than credit card info, many gamers have expressed worry about their amassed gaming library, which one forum poster noted is “worth more than my bank account”.
Valve has closed the Steam forums and is investigating the intrusion. On the day the forums do come back online, Valve is forcing all forum users to change their passwords. Here’s what does not make sense — if Sony was hacked back in April of 2011, wouldn’t other gaming services such as Xbox Live and Steam bump up security to ensure that nothing like that would happen to them? Sony was hit hard by the hack, and the personal information of some 77 million people was compromised. Credit card numbers, phone numbers, emails, passwords, and addresses were all acquired by the hacking group. Due to that, many people can no longer trust Sony with their personal information in fear of another similar attack happening. If the Valve intrusion is as major a hack as the PSN debacle, they may be at risk of losing the trust of some fans just like Sony did months ago. (Editor’s note: it should be noted that no matter how strong Valve’s network security is, a breach is always possible- although Sony admitted after their attack that they had been putting off upgrading their security, and thus set themselves up for an intrusion.)
So what do you think about this? Will you never feel safe giving your credit card info again? Unfortunately, Amazon recently stopped selling online game codes for PSN, but you can currently still buy some Steam games through them. But who knows if it’s only a matter of time before Amazon gets hacked? If you’re a conspiracy theorist, did EA have Steam hacked to make their Origin service look better? We may never know…