Support NeoGAF

[Quirah]

My friend informed me. When you go into 'Account Information' via Steam Client, it leads you to other peoples pages.

I looked at it and there is another guys page named 'minkey***' and it has saved credit card information, which is not mine. I can see his mail address clearly. Also if that random guy has money in Steam Wallet, I think you can spend it too. Mine has $0 at all.

I think big security issue is happening right now. You can check it with Steam Client. I am not gonna upload a screenshot because I dont want to spoil that guys e-mail address or other info.

Mod edit: Dont post usernames

What we know so far

• Most likely an error in the way Steam caches pages.
• People are able to access random Steam profiles and see compromising information, account names, emails, last 2 digits of credit card, paypal email address, purchases, etc.
• No changes can be made to the effected account, no purchases can be made. Any evidence to the country is, as of yet, unsubstantiated.
• It's been advised to not access Steam URLs, including the client, until we have more information.
• Do not post account names you see, huge security risk.

I'll update this post with more information going forward.

 

[Prosopon]

This probably does need a dedicated thread at this point.

 

[Grampa Simpson]

I was in the indie sale thread and started ctrl-clicking on the store pages in post #2, and I kept ending up in other people's accounts. WTF is going on here?

 

[El Topo]

What the fuck? You're right. How? Why? Holy shit.

 

[Tenebrous]

Wow, what? Where can I see "Account Information"? I can only find Account Details by clicking the username next to my available funds, but that page doesn't load (302 warning).

 

[Castef]

I was in the indie sale thread and started ctrl-clicking on the store pages in post #2, and I kept ending up in other people's accounts. WTF is going on here?

Same for me.

In addition, the language for the store front is chaning at every click and I can't revert it back to mine.

 

[Joyful]

yep this seems to be a thing, holy shit

 

[Sorcerer Supreme]

oh fuck. what the fuck is going on? i see some other guys account with money

 

[Razyl]

Tested. Got the account details of someone other... that's not okay. Absolutely not!

 

[Hektor]

Looks like it's possible to access random people's Purchase history/Remove games, see their email and phone number and all if the people in the steathread don't post bullshit. Fuckin hell

 

[CrackaF3tt]

Yup just checked and i see some other dudes info. I can see his last 4 digit for his phone number, his steam wallet amount, contact email.

 

[TronLight]

Opened the client up and the main page is in Russian. ???

 

[chadskin]

I just noticed this as well here. I was on a game page in the store and noticed it said two of "my friends" own this game already but I have no idea who they are.

store.steampowered.com in the browser also leads me to the Russian site, with no way to change it back to German / English.

 

[Matrix XII]

Uh oh

This isn't good.

 

[malfcn]

Sounds bad. How fast will the news spread, and will official word down play it?

 

[dmr87]

My currency has changed from Euro to Canadian dollars.

And now it's changing languages.

 

[LDAF]

Holy shit, I just got a guy with $20 in your account. You're right, this needs to be fixed NOW.

 

[gar3]

Yep, someone else's account :-/

He's got $5.82.
I have (had?) $193.49

 

[Steel]

They need to turn this shit off asap.

 

[Hektor]

FFS I CAN BUY GAMES ON OTHER PEOPLES ACCOUNTS

 

[gigantor21]

Holy shit, I just checked my account and everything was randomly in Spanish. I'm in someone else's account too. What the fuck?

 

[fluffydelusions]

HOLY SHIT...yep just went to details and shows someone elses info

 

[Funyarinpa]

http://www.neogaf.com/forum/showthread.php?t=1162196

 

[DNAbro]

umm what the fuck

also my page is in russian

 

[Morrigan Stark]

WTF
Same thing happening to me. Under "Account Details" I see some random German guy's info...

 

[PaRappa]

me too. I seem to be in someone elses account

 

[Kezen]

Opened the client up and the main page is in Russian. ???

Same here.

 

[KINGofCRA5H]

Mine seems fine. In US

 

[VisceralBowl]

What should I do? I really don't want my account fucked up.

 

[Matrix XII]

How do we stop this on our end? Any way?

 

[HaRyu]

It was rotating through different languages for me.

And now it looks like I'm logged into someone elses account (for the Store section at least).

 

[jacobeid]

Holy fucking shit are you serious.

 

[superNESjoe]

Well this is a serious problem. I need to go edit my account info right now.

 

[Fergie]

Seems so. Language changed to Spanish and the currency from £ to €.


And now it's in $.

 

[Prosopon]

There are several threads address this, two could be merged.

 

[Bunta]

Uhhh yeah, I'm seeing the same thing when I go into my steam wallet.

 

[Sorcerer Supreme]

Just checked. I have the exact same issue! This is pretty crazy. Edited out the email address, but you can clearly see this isn't my account information.

hide his account log in name. dont post that

 

[kuYuri]

I had this same issue too, oh god

 

[Soyongdori]

Holy fucking shit, you can edit someone else's credit card info.

This is a complete fuck up by steam. Fucking fix it now.

 

[legacyzero]

HOLY SHIT, Happening to mine too!

Steam Guard should prevent any problems though, right?

 

[kulapik]

I don't see how this is funny at all

 

[Prophet Steve]

I was already wondering why I got three different languages.

 

[Steel]

How do we stop this on our end? Any way?

It might be that if you're logged in other people can't use your account. So going offline might not be a good idea.

It could also be the opposite.

 

[Lord Error]

Holy shit...

 

[SpartanSlayer117]

Can someone contact someone at Valve? This is crazy, servers need to be shutdown asap.

 

[NahaNago]

yeah saw it had someone else' info when i checked as well.

 

[jacobeid]

Pull the fucking plug now.

 

[Van]

Oh FUCK ME

 

[Sputnik]

I got access to the account of some stranger too, but a different user than you.

Someone in the comments on his page said Steam might be getting DDoSed right now?

Either way, Valve better deal with this quickly.

 

[DMTripper]

Just logged on to see my account in Russian... According to reddit people are seeing other people's accounts but not all the info to steal payment details. Still pretty shady tho!

I've logged out and will wait and see what happens. Something pretty doggy is going on :-(