GifGafIsTheBestGaf
Member
oh boy, just with my luck i wonder if im one of the affected. gonna keep my eye on any steam email
You're really calling the exposure of personal data an insignificant non-event?
Not necessarily. They could easily just be logging how many cache hits/misses there are for people checking account details, which they would have had to be logging to determine their cache expiration time anyway (unless they just picked a random time that seemed good). That wouldn't require any user-specific information
not excusing valve but quite literally every retail store employee can see the last four digits of your card number. you're being ridiculous. if it's that bad to you i can't imagine you use anything other than cash everywhere you go.
I'd wager their top execs were on vacation.
I don't think that would give you the correct upperbound. Cache misses where treated as cache hits and the wrong account accessed. Are you saying there were only 34K cache misses? That seems incredibly low, unless it's affecting only a subset of their network.
lola store employee can't see my address or link my real identity to my online persona
All I wanted to hear.
Thank you Steam.
I will buy Half Life 3 again.
Everybody was on vacation. You don't need the top execs. You need the guys that understand the system. If they are like me, they don't answer their phone on Christmas day.
I don't think that would give you the correct upperbound. Cache misses where treated as cache hits and the wrong account accessed. Are you saying there were only 34K cache misses? That seems incredibly low, unless it's affecting only a subset of their network.
lol
I've seen countless email addresses, real life addresses and first/last names. I even see *gasp* the last four digits of social security numbers. I'm just a retail employee and I come across these things more than 20 times a day. valve isn't handling this well, but if you guys think this info isn't something tons of people have seen already I don't know what to tell you.
I'm not sure how they can know the actual number unless that's 100% of the users active during the issue. Unless they are actually logging details of every access which sounds like a privacy/safety issue to me.
At any large, competently-run service company they (or rather, a subset of them) aren't like you because there's a portion of the staff paid specifically to be on call for things like a major system problem on Christmas.
I feel the same way.oh boy, just with my luck i wonder if im one of the affected. gonna keep my eye on any steam email
They seemed to skimp over the fact that you could see the last FOUR digits of someone's credit card if the last page was reachable. That's an important fact that hopefully I just missed in their apology.
Well they said:
"The content of these requests varied by page, but some pages included a Steam users billing address, the last four digits of their Steam Guard phone number, their purchase history, the last two digits of their credit card number"
That's sorta my point. It's important to notify your consumers that it was possible that the last four digits were seen. Seems like they were just sweeping that part aside because it's a far bigger issue than just two.
Seems to have gotten the same bit of attention...I'm not sure what you mean
Doesn't matter. You get your top people on it asap, holiday be damnedSounds like they waited until they figured out the root cause before putting out a statement. It was probably slower than usual due to being a holiday long weekend.
To be honest, I think people would have been willing to give them 5 days (irrespective of what the professionally appropriate timeframe was) if their initial response wasn't so tone-deaf.
Not PR people usually.
Kudos on the quick response.
Good. They apologized and now I can finally sleep and get on with my life... But you know, they did take slightly longer than I deem acceptable, so I feel like I should continue to be angry over this. This is the internet after all.
I figured they wouldn't say anything. Good for them.
How much of this is supposition on your part? It's not like Valve, but I work in software development with a relatively flat structure and people take care of the annoying and difficult stuff because we take pride in doing good work and because it has to get done.The issue at Valve isn't that PR people take vacations, it's that no one at Valve has a job description or any responsibilities so nobody does anything annoying or difficult if they don't have to.
34,000 isn't as bad as it could have been. Still, this should be emailed out to everyone with a Steam account.
How much of this is supposition on your part?
Pinnochio.gifKudos on the quick response.
Well I do have to say that Doug is pretty good at Press PR stuff, every time I send him an email I get a fairly quick response on my questions.Not really any? Beyond the employee handbook we've had multiple first-hand reports of how things work inside the company, including the lack of customer-oriented employees, the lack of commitment to projects, and the inability to get anything actually approved or shipped.
I mean, I don't think people are shying away from challenges that are actually in their wheelhouse (tough technical issues or whatever) but typically even at a flat-structure company people get hired with specific, concrete responsibilities. Valve's refusal to do that means areas far outside the technical realm (customer service, public relations, etc.) don't have anyone dedicated and skilled handling them.