Steam hack exposed 2004-2008 transactions
A letter from Gabe Newell updating users on the Steam hack from last year warns that a file of transaction activity between 2004-2008 was probably obtained. Passwords weren't included, and credit card and billing information was encrypted.
Valve is continuing its investigation into last year's Steam hack, and has discovered that a backup file with four years of transactions was probably obtained by the hackers. A letter from Gabe Newell maintains that credit card information and passwords should be secure, but warns users to watch their credit card statements for suspicious activity.
"In my last note about this, I described how intruders had accessed our Steam database but we found no evidence that the intruders took information from that database," Newell wrote. "That is still the case.
"Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords."
The company says it still doesn't have any evidence that the encrypted credit cards or billing addresses were compromised, but Newell repeats his prior advice to keep an eye on your credit cards. "And of course keeping Steam Guard on is a good idea as well," he points out. "We are still investigating and working with law enforcement authorities."
-
Shacknews
replySteve Watts posted a new article, Steam hack exposed 2004-2008 transactions.
A letter from Gabe Newell updating users on the Steam hack from last year warns that a file of transaction activity between 2004-2008 was probably obtained. Passwords weren't included, and credit card and billing information was encrypted.-
I don't think I've ever used anything there except for PayPal, so I guess I dodged that bullet.
-
I thought they were saying that Credit Card information wasn't compromised by stuff like E-mails where.
-
And just keep and eye on the credit card activity. Probably wouldn't hurt to keep an eye on the Paypal activity.
-
Well the stuff's encrypted, but that doesn't mean much these days lol.
-
-
-
No, I am not american.
Yes, it depend on timeframe - but nobody will care if someone can decrypt it in 35543134641314 years.
No, nobody has anywhere even close to what computing power has NSA available - check list of top 500 supercomputers - anything owned by US government is available to NSA if they really want.
-
-
-
-
-
-
-
Cause Paypal will never get hacked.
-
-
I generally use a reloadable card for my online purchases.
-
-
[deleted]
-
Valve, please encrypt your backups from now on.
-
The passwords weren't stored in the backup and the credit card numbers were encrypted. It is still a breach but could have been worse.
I am not so much worried about incidents like that get publicized but the thousands that happen that we never even hear about. Disclosure is key as it allows you to plan your online security.-
And that's where Sony went wrong. They didn't encrypt anything. The bigger part the perception. I still view Sony as being arrogant about the entire issue. My view of Valve is that they fully understand the gravity of these things and I believe they really do think these things through (you, back when they were first building out Steam).
-
-
-
my first Steam purchase was in 2009, dodged another!
-
Go ahead and steal my credit card. Congrats, you're $500 in the hole.
-
-
