Steam security issue revealed personal info to other users on XMas Day (fixed)

Chesskid1 said:
i just looked at someone's account using google's cache..

sigh..


ldh81jn.png
Click to expand...

Wow..this problem still exists.And now steam servers are down.
 
something was wrong in april when their system for paid mods basically offloaded all the risk to consumers while they reaped the majority of the benefits and now this shit

silicon valley libertarian culture run amok
 
Mr_Zombie said:
It isn't and they won't. Just like PSN hacking and the resulting 23-day outage from 2011 didn't end Sony or PlayStation consoles. Those 125 millions users with their game catalogues won't suddenly abandon Steam, especially since there really isn't any other better alternative.
Click to expand...

But actually there is....
 
Mr_Zombie said:
It isn't and they won't. Just like PSN hacking and the resulting 23-day outage from 2011 didn't end Sony or PlayStation consoles. Those 125 millions users with their game catalogues won't suddenly abandon Steam, especially since there really isn't any other better alternative.
Click to expand...

No but Valve will probably be Valve Corporation in the eyes of fans and that's a huge branding loss. I hope the net continues to play it up and the EU gets involved (you can't sue them in the USA, it's in the terms of service )
 
Etnos said:
Na its not, but people will wake up and see Steam just as another company not some mystical savior

Hopefully it will encourage the growth of alternate stores, myself I've been buying GOG when I can from about 2 years, having options is a good thing
Click to expand...

They're both but most folks only see one or the other without realizing one cant exist without the other.
 
unless there are more "developments".. this isnst going to hurt valve. It wasnt enough time for someone to put together a giant database of stolen info. And even if someone did collect info, what they can do with it is limited.. they didnt get pure payment info, it takes effort and time to do anything with it. Further, it will be pretty impossible to connect those thieves to this incident specifically. So valve will be fine after the hysteria wears off.
 
piratethingy said:
One of those posts were on GAF. There are many many many more from before your post. I find your magical moving goalposts funny too!
Click to expand...
I'm not trying to win an argument. If there are more than a small number of people on GAF who truly believe this is the end of Valve, then you got me.

You'd think someone so paranoid would care more about possible stolen data.

"lol"
 
Okay Gaf, there are eighty pages here, and I'm only on my phone. Knew nothing of this due to Christmas-related celebrations. Is this issue yet resolved, and even if it is, what would be recommended courses of action?
 
FStubbs said:
No but Valve will probably be Valve Corporation in the eyes of fans and that's a huge branding loss. I hope the net continues to play it up and the EU gets involved (you can't sue them in the USA, it's in the terms of service )
Click to expand...

Terms of Service don't take precedent over actual laws. They can easily get sued in US, ToS be damned. Not sure how much of a case there would be but I would imagine there could be some for people who can prove their info got out.

Now, since Valve let PII info be put into open there may be a civil case by various States if they want to try and pursue that. Frankly both cases are doubtful but certainly possible.
 
JonnyDBrit said:
Okay Gaf, there are eighty pages here, and I'm only on my phone. Knew nothing of this due to Christmas-related celebrations. Is this issue yet resolved, and even if it is, what would be recommended courses of action?
Click to expand...

We don't really know the full ramifications of what was capable during the breach. A lot of guesses.

Assume that your information on your Steam account page has been compromised. Replace passwords on all accounts that may be linked to your Steam account. Keep an eye out for login attempts on everything. If you don't already, activate two-factor authentication on your Steam account and anything else that supports it.

Your payment information and full phone number is probably safe. It is likely safe to log in to Steam. Personally, I would not buy anything right now.
 
JonnyDBrit said:
Okay Gaf, there are eighty pages here, and I'm only on my phone. Knew nothing of this due to Christmas-related celebrations. Is this issue yet resolved, and even if it is, what would be recommended courses of action?
Click to expand...

I'm in the same position as you, but I did some research as I'm not on a phone, apparently Valve thinks is not an issue because their statement doesn't even reassure it won't happen in the future.
It would be funny, if it wasn't so horrible.
 
JonnyDBrit said:
Okay Gaf, there are eighty pages here, and I'm only on my phone. Knew nothing of this due to Christmas-related celebrations. Is this issue yet resolved, and even if it is, what would be recommended courses of action?
Click to expand...

Recommended action is to just use good security practices everyone should be always doing. Monitor your credit transactions. Change your password once every couple months. Make good passwords. If you didnt log on yesterday in that 1 hour window then in theory your data was not exposed anyway.
 
spinz said:
Recommended action is to just use good security practices everyone should be always doing. Monitor your credit transactions. Change your password once every couple months. Make good passwords. If you didnt log on yesterday in that 1 hour window then in theory your data was not exposed anyway.
Click to expand...
Do people really just log out of the client if they go to work or something? Mine is always just logged on and sitting there waiting for me. If it was a cache issue I would have had to of gone to my own account page in that time. Which I never do. I just looked at the store.
 
Etnos said:
Add arrogant autistic programmer answer to the problem, because you know why would Valve hire a communications - costumer service staff

Algoritms solve everything am i right?
Click to expand...

Arrogant autistic programmer?! What exactly does that mean? If you're arguing for a response from Valve I'd suggest not having such a tone deaf post.
 
ElectricBlanketFire said:
I'm not trying to win an argument. If there are more than a small number of people on GAF who truly believe this is the end of Valve, then you got me.

You'd think someone so paranoid would care more about possible stolen data.

"lol"
Click to expand...

I do care. I'd be very upset if my account had been compromised. Doesn't change reality. Doesn't mean I should let those emotions color my evaluation of the situation.

Get in an Internet argument -> proven wrong -> "I don't care about some internet argument"

You're hitting all the classics today, lol!

Edit: I know I'm being a bit harsh, but meh. The whole "that wasn't a good thought to share" bit annoyed me. The idea that you're making that call while being completely wrong is weird.
 
Ophiuchus said:
Wow..this problem still exists.And now steam servers are down.
Click to expand...

i just tried this and it gave me a account from mexico... it says it a snapshot from the 25th so it prob from before steam took down the servers but stil some random guys info floting about online. steam really fucked up, there is no defending it any breach in security no matter how small is bad and steams silence and giving next to no update on the matter is really fuckin bad they really need to hire some sort of pr/support.
 
sheepishlord said:
i just tried this and it gave me a account from mexico... it says it a snapshot from the 25th so it prob from before steam took down the servers but stil some random guys info floting about online. steam really fucked up, there is no defending it any breach in security no matter how small is bad and steams silence and giving next to no update on the matter is really fuckin bad they really need to hire some sort of pr/support.
Click to expand...

I tried too and I think I might have gotten the same guy from Mexico... Man if there's a single guys info just sitting there in google cache... That really sucks.
 
Etnos said:
Add arrogant autistic programmer answer to the problem, because you know why would Valve hire a communications - costumer service staff

Algoritms solve everything am i right?
Click to expand...

Going around calling people "arrogant autistic programers" sure will make everything better.

I get that you are upset, but come on.
 
sheepishlord said:
i just tried this and it gave me a account from mexico... it says it a snapshot from the 25th so it prob from before steam took down the servers but stil some random guys info floting about online. steam really fucked up, there is no defending it any breach in security no matter how small is bad and steams silence and giving next to no update on the matter is really fuckin bad they really need to hire some sort of pr/support.
Click to expand...
Yeah, gotta suck for the owner of that account. Maybe contact google to have that cached entry removed or updated?
 
piratethingy said:
I do care. I'd be very upset if my account had been compromised. Doesn't change reality. Doesn't mean I should let those emotions color my evaluation of the situation.

Get in an Internet argument -> proven wrong -> "I don't care about some internet argument"

You're hitting all the classics today, lol!

Edit: I know I'm being a bit harsh, but meh. The whole "that wasn't a good thought to share" bit annoyed me. The idea that you're making that call while being completely wrong is weird.
Click to expand...
You literally said you don't use Steam much and don't care either way.

Should I go with moving the goalposts or a simple lol?
 
I would hope for more disclosure about how this happened and the steps Valve is taking to prevent it from happening in the future, as well as looking into ways to get the personal information that has gotten out there and is still viewable on cached Google pages of the internet. (probably impossible?)
 
Jams775 said:
I tried too and I think I might have gotten the same guy from Mexico... Man if there's a single guys info just sitting there in google cache... That really sucks.
Click to expand...

I also found another guys infos on a different archive-site. I don't know how many different sites that save those snapshots from other websites exist but the are potentially more accounts still visible.
 
georaldc said:
Yeah, gotta suck for the owner of that account. Maybe contact google to have that cached entry removed or updated?
Click to expand...

I had checked it to see what everyone was talking about and got the same account. That's a terrible lottery to win.

I don't use steam, but if I did I'd be very uncomfortable right now esp. since there has been no official reassurance yet.
 
ElectricBlanketFire said:
You literally said you don't use Steam much and don't care either way.

Should I go with moving the goalposts or a simple lol?
Click to expand...

Yeah, I don't care because I don't use steam much so my account hasn't been logged in for a while and I'm very unlikely to be affected.

Doesn't mean I don't understand the severity of the situation.
 
Nice. Been away from the internet for the past few days and now this crap has me flying to Paypal and disconnect my credit card.

Don't have it in me to start looking if anything is amiss.

Whisky is too good.
 
Vigilant Walrus said:
There are a lot of things that shouldn't happen, but the reality is that most services have major security leaks. Neogaf had a major leak last week that required a lot of people to change their password.
Click to expand...

There was a situation last week where several user accounts were compromised by a single individual and used inappropriately. When we researched the issue we found that it was very likely a situation where users reused login details from another site that was compromised or had weak passwords, and we verified that there was no illicit access of the NeoGAF servers. We forced password resets for a small number of users, and suggested that others voluntarily change theirs, in response to this issue, but not due to any specific vulnerability on our side. No data was leaked from NeoGAF specifically for any users whose accounts were not accessed.

We commented pretty plainly about all this is the thread about the issue, so please don't make misleading statements as to the nature of the problem. Our goal has been to be as forward as possible about issues like this.
 
You must log in or register to reply here.

Similar threads

PSYCHO DEAD | Gameplay Reveal Trailer (Third-person survival horror) [PS5, Steam]
23
149
Macattk15 replied
  • Poll
Steam users threaten to boycott Metal Eden for using AI voices
News Drama  2 3
117
1K
rkofan87 replied
Digimon Story Time Stranger debuts with over 70k concurrent users on Steam (~11x the launch CCU of Digimon Survive)
Sales-Age 
5
88
Liopleurodon replied
Steam hits 40m concurrent users.
3 4 5 6 7
300
16K
rodrigolfp replied
[The Verge] Xbox Ally pricing and preorders info coming today. [Update] Prices revealed: $999 Z2 Extreme; $599 Z2
7 8 9 10 11
544
1K
Duchess replied
Top Bottom