Quantcast
Posted by Chris Scott Barr on Nov 11, 2011

Steam Forums Offline Due To Hack – Gabe Speaks

In the last year, Sony has caught a lot of flack over a few major hacks that left people locked out of their network, and worse, with their personal information exposed. Of course, Sony isn’t the only company to see this sort of intrusion. Recently, Valve found themselves under attack, and their forums defaced.

The attack came just hours before one of the biggest launches of the year, Skyrim. Since the game requires Steam for authentication, this left users worried that there might be issues with the launch. Thankfully, this was not the case. For those of you who may not have had the luxury of activating your copy at midnight, you should encounter no problems, whatsoever. However, if you’re wanting to get on the Steam forums to discuss the game, or anything else, you’re out of luck. Valve head honcho, Gabe Newell addressed the concerns in the message below:

Dear Steam Users and Steam Forum Users:

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

We will reopen the forums as soon as we can.

I am truly sorry this happened, and I apologize for the inconvenience.

Gabe.

I definitely want to applaud Valve for their response to this issue. They made a swift response to the hack by not only taking the forums offline, but also by addressing the community and letting them know exactly what happened, and what actions they are taking. While it’s sad that it happened, and we certainly hope they find and patch the vulnerability that allowed this to happen in the first place, it’s good to see that no real harm appears to have taken place. Still, it wouldn’t hurt to go change your password.

 

Post a Comment