Close
Report Comment to a Moderator Our Moderators review all comments for abusive and offensive language, and ensure comments are from Verified Users only.
Please report a comment only if you feel it requires our urgent attention.
I understand, report it. Cancel

Newell confirms Steam user details taken

Mon 13 Feb 2012 8:32am GMT / 3:32am EST / 12:32am PST
Online

Statement reveals encrypted data taken in November hacking

Valve co-founder and managing director Gabe Newell has confirmed the details of last November's cyber attacks on the Steam distribution service, revealing encrypted credit card information had been compromised.

"Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008," he said.

"This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords."

At this time Valve do not believe any of that information has been accessed, but advised users to be vigilant.

At the time of the hacking, Newell wrote to Steam users to say, to Valve's knowledge, no encrypted data had been taken.

"We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked," read a statement from Newell.

In an unconnected incident, yesterday Steam was down for a full 80 minutes in a power outage, after problems at one of the company's data centres.

"Our data centre's uninterruptible power supplies experienced a power failure," reported the official support forum last night.

"The power is back on now and we're working to get service restored as quickly as possible. We apologize for any inconvenience this may have caused."

In January Valve's latest financial statements showed the service saw more than a 100 per cent increase in year-over-year unit sales for the seventh year running.

7 Comments

John Bye Senior Game Designer, Future Games of London

481 451 0.9
I appreciate it's old data and therefore hopefully less damaging, but still, it's taken them three months to find his out? When Sony took *one week* to uncover the full extent of the PSN hack there were lawsuits, congressional hearings, and a big compensation package for all registered PSN users.

Posted:2 years ago

#1

Morville O'Driscoll Blogger & Critic

1,584 1,438 0.9
Such is the love Valve have amongst the PC community.

Posted:2 years ago

#2

Fran Mulhern , Recruit3D

863 707 0.8
I wonder if this explains why I got sent a new credit card recently, with a letter saying that, although no suspicious activity had been spotted on my account, my credit card company had "identified a number of accounts" at risk with their current cards. Needless to say, the card was registered on Steam.

Posted:2 years ago

#3

Barrie Tingle Live Producer, Maxis

386 185 0.5
Maybe someone with more knowledge can explain but why do companies keep credit card details old or new on their systems unless requested by the user?

I mean, is 3 year old credit card details of use to anyone? So why store them?

Posted:2 years ago

#4

John Tearle Founder, CEO, Flix Interactive

17 10 0.6
Well said Barrie. Also - gotta love the line "Our data centre's uninterruptible power supplies experienced a power failure," reported the official support forum last night...

Posted:2 years ago

#5

Private Industry

1,176 182 0.2
I have the same feeling as John, Sony gets torn to pieces by everybody for taking a week and valve takes month and everything is cool.

Barrie maybe it has something to do that people click on the box to save the credit card details or that they get automaticaly saved to the account so it doesn`t always need to be added each time you want to make a transaction?

Great uninterruptible power supply :)

Posted:2 years ago

#6

gi biz ;,pgc.eu

341 51 0.1
Maybe because it lift the feeling of "paying": you just click, nothing practical happens, while if you had to go get your wallet and type the numbers you would think "oh my, this month I already did this three times, better wait for the next month". Marketing psychology is evil and careless of real world issues. But more than them, I blame people who fall for those tricks. Sony asked for my credit card for opening a (free) online account, so I just didn't open it. Desura asks me if I want to store my password and I can choose "no", so I use Desura.
Think if your local grocery store offered to keep a clone of your credit card, so the next time you shop you don't have to open, or even bring with you, your wallet.

Posted:2 years ago

#7

Login or register to post

Take part in the GamesIndustry community

Register now