Valve Announces Massive Steam Server Intrusion 434
SKYMTL writes "Valve has revealed that hackers have gained access to the Steam database and have pulled a variety of information. A statement from Gabe Newell reads in part: 'Dear Steam Users and Steam Forum Users, Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums. We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely."
Proper back end hashing and encryption? (Score:5, Insightful)
Awesome. Sounds like they were doing things right.
Hilarity (Score:2, Insightful)
Valve gets hacked, account details likely stolen, account information hashed and salted, Gabe still praised.
Sony gets hacked, accounts details stolen, account information hashed and salted, Sony ran through the ringer.
Love to see the hivemind at work.
DRM rocks! (Score:4, Insightful)
Thank god I had to sign up to STEAM and give out my personal information to play a game I had already purchased otherwise I might never have become a victim of identity theft...
Way to keep us informed? (Score:5, Insightful)
Re:Hilarity (Score:5, Insightful)
The difference is in part due to how the attacks were handled by the respective companies, and in part due to the fact that Sony is run by gigantic cocks while Valve isn't.
Re:Hilarity (Score:5, Insightful)
Re:Hilarity (Score:2, Insightful)
Re:Hilarity (Score:5, Insightful)
Re:Way to keep us informed? (Score:5, Insightful)
It sounds like they are. The article says "...below is the full email from Gabe Newell to Steam members."
Keep in mind Steam has a hell of a lot of members. It can easily take several hours to send out that many emails.
Re:DRM rocks! (Score:5, Insightful)
As opposed to Xbox Live? GFWL? The Rockstar Social Club? Origin? Any MMO ever? Any website you've ever purchased anything from? etc.
Let's face it, there's no shortage of places that have some, part or all of your personal information these days; Steam is just one of many.
Re:Hilarity (Score:3, Insightful)
The guy has just admitted they stuffed up. they had a responsibility to protect your data that they force you to provide. This is the equivalent of being raped in a police station and then being happy that the cops admitted it happened and are very sorry about it.
If you think this situation is anything like being raped -you do not know what rape is...
Re:Hilarity (Score:3, Insightful)
Re:Hey gabe (Score:5, Insightful)
You're just being stupid for the sake of comedy right?
Amazon.com looks good right now.
Fuck, even Best Buy looks good right now.
Origin looks like the exact same crap, but with a much less trustworthy company in charge of it. EA would sell all that personal information straight to the hackers if it meant they could turn a profit.
Re:Hey gabe (Score:5, Insightful)
Even after this, I still trust Valve more than I trust EA. Hell Valve could kill kittens and use their blood to fuel their servers, and I'd still trust them more than EA. One only needs to look into the past and see how much EA has treated not only their customers as dirt, but their employees.
Re:Proper back end hashing and encryption? (Score:5, Insightful)
Steaming pile (Score:3, Insightful)
Re:This is Valve's fault (Score:5, Insightful)
Until we have real information about how they were hit, it's difficult to make any assumptions about how badly Valve may have screwed up.
Re:Hilarity (Score:5, Insightful)
Yes, but Sony stored customer data as PLAIN TEXT. Their security was a joke and they deserved all the bad press they got.
Valve on the other hand had all sensitive data encrypted. Which means that the hackers likely got nothing but useless gobbledygook.
Re:Hilarity (Score:5, Insightful)
Re:Steaming pile (Score:5, Insightful)
You don't need to give up your CC number (or any personal information) unless you are buying a game with your CC. How, exactly, do you think they should handle credit card purchases?
Re:Hilarity (Score:2, Insightful)