• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Steam security issue revealed personal info to other users on XMas Day (fixed)

It is absolutely inexcusable that they haven't pulled the plug yet. This is completely incomparable to any of the high profile hacks we've seen in recent years. Fuck you, Valve. This is beyond uncool.
 

yatesl

Member
FUNDS CAN ABSOLUTELY BE ADDED TO ACCOUNTS

It literally just happened to my friend so stop spreading bullshit and damage controlling for valve.

Screenshot please, and blank out personal details. You can see "Add funds", but clicking the buttons don't do anything.

For what it's worth, I'm not damage controlling anything - I'm trying to put people at ease, as this is (understandably) snowballing like crazy.
 

Stimpack

Member
he's wrong many people have had games purchased and I made it all the way to the confirmation page on another persons account without needing a password.

I don't understand why someone would sit there and spread that bullshit without absolutely knowing it to be the truth.
 

Vamphuntr

Member
Being on Christmas is not en excuse for them being slow to pull the plug. They have millions of users and they are a huge IT/software/store service company. Pull the plug already.
 

BHK3

Banned
This seems really bad like the hacking of PSN bad.

From what I recall no ones information was actually taken, I don't remember a single thread saying they had money stolen. PSN was simply taken down and everyone was told to change their info, standard procedure for when security systems are compromised.
 

Tain

Member
i love how corporate apologists are still peddling their shit even in this situation

it's blowing my mind

idgaf if people can't change my shit, seeing my email and last 4 digits and partial phone numbers and addresses etc etc? this is a big fucking deal

I don't think it's at all unreasonable to ask that Valve take down the Steam servers as quickly as they can.
 

JP

Member
Just to be secure, would it not be better if people didn't log into their account when it's like this? Although there's been no confirmation as to what is happening, if the site has been compromised at some level, then it may be best not to be entering log in information while it's compromised.
 

Jinfash

needs 2 extra inches
Once again.

NO ACCOUNT INFORMATION CAN BE CHANGED.

NO PURCHASES CAN BE MADE.

THE MOST PEOPLE CAN SEE IS YOUR E-MAIL, AND PURCHASE HISTORY.



Is it a clusterfuck? Absolutely. But aside from some random person knowing your e-mail and seeing that you've bought Hunniepop, YOU HAVE NOTHING TO WORRY ABOUT.
This a major fuck up as far as privacy breaches go, regardless of whether funds and CC's can be used or not.

An all caps NOTHING TO WORRY ABOUT coming from someone with zero knowledge and access to the service's back-end is worthless.
 

perorist

Unconfirmed Member
e7543af2a9.png
 

shadowkat

Unconfirmed Member
Stupid thing is that I just saved my cc info to the store and I've never done that before.

Valve needs to fix this shit ASAP.
 

DarKshodaN

Member
Someone on my friendlist posted a chat log from a guy from valve, he sayed: "were working on it" it was alden if someone knows him
 
What we know so far

  • Most likely an error in the way Steam caches pages.
  • People are able to access random Steam profiles and see compromising information, account names, emails, last 2 digits of credit card, paypal email address, purchases, etc.
  • No changes can be made to the effected account, no purchases can be made. Any evidence to the country is, as of yet, unsubstantiated.
  • It's been advised to not access Steam URLs, including the client, until we have more information.
  • Do not post account names you see, huge security risk.

bJK2asd.png


owZ6BYU.png


I'll update this post with more information going forward.

Quote for science
 

Joqu

Member
From what I recall no ones information was actually taken, I don't remember a single thread saying they had money stolen. PSN was simply taken down and everyone was told to change their info, standard procedure for when security systems are compromised.

Yup. This is way worse than PSN as far as I'm concerned.
 

Card Boy

Banned
I always thought Valve was a garbage company and this just proves it. This is so much worse than the PSN debacle. This is what you get when you put all your eggs in one basket.
 
I'm on mobile and can't log in through the iOS app. Did they finally pull the plug? I couldn't get to my account page at all. It was always a random stranger's.

I'm livid. No excuse for this.
 
Top Bottom