The first signs of it were last Sunday, when reports of Steam forum accounts being defaced started to emerge – the website fknowned.com appeared to be responsible. Now Valve has officially weighed in on the matter, confirming intrusions into the accounts of Steam forum users as well as a Steam database.
There is some good news, which is that the hack appears to be limited to forum user accounts at this stage (which require a different login to standard Steam accounts). However, Valve is still advising that users change their standard account passwords to be totally safe (particularly if it's the same password as their forum account) – password changes will be forced for forum users the next time they login.
Valve has stated that the database and forum accounts that were hacked contained information including usernames, hashed and salted passwords, e-mail and billing addresses, game purchases, and encrypted credit card details.
That said, Valve is also clarifying that it doesn't have evidence this credit card info has been cracked by the hackers. Steam users are yet to report instances of credit card misuse, although Valve is advising that they keep a close eye on the activity of their credit card accounts for the time being.
Steam forums have been locked down as Valve investigates the intrusions although, unlike the notorious PSN hacks earlier this year that forced Sony to take down the whole network, Valve has been able to keep the rest of Steam open for business.
Here's Gabe Newell's statement on the matter, which has also been instant messaged to the Steam user base:
Dear Steam Users and Steam Forum Users,
Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.
We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don't have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.
While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.
We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn't be a bad idea to change that as well, especially if it is the same as your Steam forum account password.
We will reopen the forums as soon as we can.
I am truly sorry this happened, and I apologize for the inconvenience.
Gabe.
If you wish to link to this article, here's a permalink to this page:
Related Articles:Free Portal 2 DLC Arriving Next Month News Valve confirms a mid-September launch for Portal 2's first major instalment of DLC...Portal 2 - 'Insane Cube Tricks' News These guys have some mad companion cube skillz...Valve Still Doing Single-Player Games (Phew!) News Valve's Gabe Newell rubbishes rumours in the most reassuring news so far this year...UK Chart: Zumba Fitness Back On Top News 505 Games' Zumba Fitness retakes the top spot from Portal 2...UK Chart: Portal Holds Steady News No change this week...Related Adverts:TVG Store - Finding you the cheapest price for:
Portal 2Buy Portal 2 (PS3)View the Original article
No comments:
Post a Comment