Support NeoGAF

[butzopower]

Any payment method will require entering billing information. Valve has to pay taxes and they need records.

Scratch that plan then...

 

[Crimsonclaw111]

you have no payment methods associated with this account

Did they remove all cards and such from all accounts?

 

[sgjackson]

Is it safe to go in and check your account now?

this is what i'm wondering - i haven't looked at my account info in a few days and i'm wondering if i'm boned or not. nobody has spent money on my cc and i had no steambucks.

 

[Gaz_RB]

Yup.

Goddamn poor guy. He's going to be on google. Forever.

He will Become Legend

Payment info is always censored on Steam, so that's not going to be a problem and removing that information isn't going to accomplish anything.

Unfortunately, no one who had their information cached today will be "in the clear". In theory, an identity thief could attempt to exploit that information. All you can do is pay attention to your bank/credit statements and ensure there's no suspicious activity going on--something that everyone should be doing regardless of whether their information was compromised.

But I stress that identity thieves don't hide in wait for Steam security vulnerabilities to come along. Trying to gain something from this particular incident would be a difficult, inefficient endeavor. Thieves go for easy targets, not hard ones. If this degree of data were particularly valuable, then Facebook would be ripe for the picking.

That said, this is absolutely a data breach and a security problem on Steam's part. I assume they haven't addressed it yet because they want to fix it before they air it. It would not be smart to exclaim, "Hey, we're having a problem with [this thing that can be exploited by anyone who is reading this]!"

Great post.

 

[fertygo]

Why don't you post all your credit card info online then? Any purchases will just be credited back anyway right?

Spoiler

Moron.

I know that quoted dude, he just being sarcastic.

 

[lazygecko]

Store page is working again, but not account details.

 

[Milestoned]

steamgames.com doesnt belong to valve:
Registrant Contact
Name: PERFECT PRIVACY, LLC
https://whois.icann.org/en/lookup?name=Steamgames.com

steampowered.com does:
Registrant Contact
Name: Valve Corporation
https://whois.icann.org/en/lookup?name=SteamPowered.COM

It redirects me to steampowered though and my old CC also said "steamgames.com", just looked it up.

 

[Vamphuntr]

Searching "http://store.steampowered.com/account" in Google and checking the cached version is still not fixed.

I saw someone's e-mail and the last two digits of their credit card.

You can't fix cached page. It's like a "picture" of the website that google bot took during the issue. They'll have to ask Google to delete it.

 

[Grudy]

Client is showing my own account now.

 

[JaseC]

steamgames.com doesnt belong to valve:
Registrant Contact
Name: PERFECT PRIVACY, LLC
https://whois.icann.org/en/lookup?name=Steamgames.com

steampowered.com does:
Registrant Contact
Name: Valve Corporation
https://whois.icann.org/en/lookup?name=SteamPowered.COM

Yes, it does. The registrant info is just private.

 

[Reebot]

So you cant give me anything after saying that i've been misleading people this entire thread?
Give me something or stop posting crap.

I give you the "Gold Star for being 66% correct about compromised personal information!"

 

[Rhomega Beta]

Well I was able to disconnect my card. I also went onto the Store, did my Discovery Queues, and sold my cards.

 

[Maedhros]

How exactly? This gave all your information to anyone who wanted to view it. They fucked up, Sony got hacked. This one feels like it will have more real world consequences than just PSN being down.

PSN information wasn't encrypted... so yeah...

This one is just having access to someone else account page. So, if you have too much information there, the worse thing it could happen is that they now have your address, name and phone. And they could use your saved cards to make purchases on your/their account, I guess.

BTW, they must compensate everyone for this.

 

[texhnolyze]

Did they remove all cards and such from all accounts?

I lost half of my cards in my inventory.

 

[Savitar]

Did they remove all cards and such from all accounts?

Seems to be the case.

Users couldn't do that, they'd just get bounced to another account.

Oh wait you mean cards not credit cards I take it.

 

[Alvarez]

Is it safe to go in and check your account now?

No.

You can log in and play your games, but don't check your Account Details and--if you're particularly paranoid--don't use the checkout function (which displays your censored payment info).

 

[Trago]

Did they remove all cards and such from all accounts?

Was wondering that as well, could'a swore I had my CC info on my account.

 

[ekim]

steamgames.com doesnt belong to valve:
Registrant Contact
Name: PERFECT PRIVACY, LLC
https://whois.icann.org/en/lookup?name=Steamgames.com

It's a service for hiding your real identity...

steampowered.com does:
Registrant Contact
Name: Valve Corporation
https://whois.icann.org/en/lookup?name=SteamPowered.COM

Valve changed to perfectprivacy for domain registrations some years ago.

 

[boredandlazy]

I know that quoted dude, he just being sarcastic.

Ok, glad to hear that. It's hard to tell due to some idiots in this thread.

 

[Human_me]

I can't even see my Inventory, It just says unavailable.

 

[Atrarock]

Oh man, when I was seeing someone else's name/email in my account settings, I thought someone got into my account. Didn't even think for a second I was seeing someone else's account entirely. Luckily, my friend told me to sit tight and not do anything and the issue appears to be resolved now.

 

[x3sphere]

My saved CC is still there.

 

[Large Professor]

BTW, they must compensate everyone for this.

+ giant mea culpa, explain exactly what went wrong, and contact the users who's accounts were all over the internet.

 

[FortuneFaded]

I hope we at least get a kick-ass steam badge out of all this ordeal.

 

[Blood Diamonds]

No.

You can log in and play your games, but don't check your Account Details and--if you're particularly paranoid--don't use the checkout function (which displays your censored payment info).

Thank you. I'm getting really paranoid about this fuck

 

[VisceralBowl]

Thanks.

Oh and if you change too many times in a small window it will lock name changing for like 5 minutes but its not a big deal.

 

[Pachimari]

Has this been fixed? And am I safe to log in on Steam through the browser now?

 

[Showshank]

 

[obear]

Did they remove all cards and such from all accounts?

No, i just bought something with my card stored, and it also didnt ask for any verification..but my purchase history is clear so im not worried

Has this been fixed? And am I safe to log in on Steam through the browser now?

mines fine, i just bought something too, was pretty fast

 

[DeaviL]

I give you the "Gold Star for being 66% correct about compromised personal information!"

I remember that lesson from when i was still in school!
"How to make things look better or worse by using percentages"

Thanks for bringing up the good memories my friend.

 

[Vibranium]

I hope we at least get a kick-ass steam badge out of all this ordeal.

"The Great Steam Account Ordeal" badge, level 1.

 

[Tenebrous]

Oh and if you change too many times in a small window it will lock name changing for like 5 minutes but its not a big deal.

Yeah that just happened to me, haha. It's all good...

 

[fertygo]

I lost half of my cards in my inventory.

All is fine for me, thx mobile steam guard

 

[7DollarHagane]

Why don't you post all your credit card info online then? Any purchases will just be credited back anyway right?

Spoiler

Moron.

If you purposefully misuse your information they won't credit you back. If it is compromised they will.

I don't know why people have to be so defensive about credit card "theft" because it never hurts the card owner unless you admit to doing the purchase or something.

 

[Bort_]

Oh well, at least this time I only have to change my real name and home address instead of my password and e-mail address.

 

[Reebot]

I remember that lesson from when i was still in school!
"How to make things look better or worse by using percentages"

Thanks for bringing up the good memories my friend.

Lol. Whatever helps you feel alright about misleading people while defending a giant entertainment company.

 

[KojiKnight]

Can't access my account page from web or steam, can still log in and play my games though so I have that going for me at least.

 

[Costia]

It redirects me to steampowered though and my old CC also said "steamgames.com", just looked it up.

Yes, it does. The registrant info is just private.

All of mine say steampowered.
That's just strange. Why would valve register their domain via a 3rd party that hides their ownership? Maybe they bought the domain from a some private owner some time ago and just kept it there. Anyway, its weird.

 

[Eternal Gamer]

Are our inventaries safe? I am worried for my Dota 2 items.

 

[kamineko]

man, I was all like

I wonder if we'll get a satisfying explanation for this. I've been out of IT for four years now, so maybe I'm just out of touch, but it's strange to think about unencrypted customer data just hanging out someplace where anon/public access is sufficient. & actually that doesn't even sound like the kind of indexing/whatever problem that would return the random results we've all seen. So that's two questions, I guess.

Just doesn't really follow for me, not that they would disclose their own architectural details... just sounds weird.

Anyway, this really has shaken my confidence. I hope they will communicate effectively with regard to both root cause and countermeasures. I've been going crazy with PC games ever since I got this laptop, and am really enjoying the platform.

 

[DeaviL]

Lol. Whatever helps you feel alright about misleading people while defending a giant entertainment company.

Now now what have i told you about using the naughty word "misleading"?
Talking from your ass isn't a nice nor a clean thing to do you know.

 

[cebri.one]

Is there any way to know if my account has been compromised?

 

[Lightning Count]

My account is normal but I removed the payment methods as a precaution.

 

[cyba89]

Yup.

Goddamn poor guy. He's going to be on google. Forever.

I also found a different account on another one of those Archive-websites that are caching stuff.

 

[Crimsonclaw111]

My card was removed from Steam. Am I still okay to go PayPal?

 

[Cre8]

Shit, just got home and see this thread. Try to login to my Steam account and keeps telling me password and name error. When I press cant login, it said it cant connect to the server. Is this normal or am I screwed? I got like $23 dollars in credits.

 

[Thorgal]

I hope we at least get a kick-ass steam badge out of all this ordeal.

Everyone gets a " I survived the steampocalypse and all i got was this lousy T-shirt " Shirt .

 

[Crayons]

Oh no! Any purchase made by someone else will be credited back to your bank account or credit card and Valve will fix your account. Not a big deal.

It's a HUGE deal.

 

[73V3N]

is this happening to someone else right now

 

[Creamium]

Is that in the Steam client? If so, restart it... that fixed it for me.

Yeah thanks, that fixed it.