Steam Forums Hacked – Accounts Compromised

Krypton Radio Special ReportSkyRim Launch Apparently Unaffected

Krypton Radio Newswire

Steam, the online empire of computer game behemoth Valve Corporation, has issued details of the hack it suffered last weekend:

Dear Steam Users and Steam Forum Users,

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still   investigating.

Skyrim is the fifth game in Bethesda Software’s popular Elder Scrolls series. You could download it in advance, but it was locked until the first minute after midnight on 11 November 2011.  If the Steam online services had been taken offline as a result of the hacking, Skyrim’s launch would have been delayed.  However, reports indicate that it unlocked just fine at the appointed hour.  This is a pretty good indication that Steam is in fair shape after the attack.

Your credit card information?  Steam doesn’t know, but it could be out there.  It’s encrypted, but these things can be cracked, eventually. Keep a watch on credit card activity on the card you use for your Steam account.

Here are some other things you probably should think about doing in light of the Steam security advisory:

  • Change your Steam password, just in case. If you were using a weak password before, make a stronger one this time. 
  •  Keep an eye on your credit card statement and report any unexpected transactions.
  • Think about  not storing your credit card data on Steam’s servers. You don’t have to. You can choose to enter it every time you need it instead.
  • Enable Steam Guard. If you do, Steam will email you every time you (or someone else) logs in from someone else’s computer.

Exactly who did the hacking isn’t known yet.  It’s unlikely that this has anything to do with Anonymous this time.  The problem is, however, getting monotonous.  Let’s hope various online services start taking note of this constant invasion problem and do something about beefing up security.

Facebook Comments

What do you think?