Sign in with
Sign up | Sign in
Your question
Closed

Steam's Database Hacked, Info Possibly Stolen

Last response: in News comments
Share
November 11, 2011 2:11:06 AM

Didnt we already go through this with Sony?
Score
10
November 11, 2011 2:11:41 AM

Son of a gun...
Score
4
November 11, 2011 2:17:49 AM

Damn you EA!!!
Score
19
Anonymous
November 11, 2011 2:18:11 AM

Quote:
Didnt we already go through this with Sony?

yea but it was more like, SURPRISE WE GOT HACKED LOL!
Score
18
November 11, 2011 2:19:07 AM

Khimera2000Didnt we already go through this with Sony?


Unlike Sony, Steam's data is encrypted with AES256. These hackers actually have a better chance at getting laid than to crack the data they stole.
Score
34
November 11, 2011 2:19:39 AM

Khimera2000Didnt we already go through this with Sony?


Um... no... the got your email, and game purchase history. And billing address. Passwords and credit cards are encrypted. So... they got a whole lot of nothing.... hardly sony
Score
10
November 11, 2011 2:21:06 AM

hmm, I have not received an email, but I'm not part of the forum.
Score
8
November 11, 2011 2:21:07 AM

Now if origin had gotten hacked I am sure your credit card and account would be up for sale.
Score
23
November 11, 2011 2:23:13 AM

thesnappyfingershmm, I have not received an email, but I'm not part of the forum.


I got my message when starting Steam today.
Score
7
November 11, 2011 2:24:01 AM

unksolNow if origin had gotten hacked I am sure your credit card and account would be up for sale.

EA already does that job with Origin...
Score
17
November 11, 2011 2:25:27 AM

People mentioned this in the HardOCP thread as well. Its different for several reasons. One, Steam isn't denying/hiding it. They came forward, faster then Sony did as well btw, and admitted what happened. Two, assuming Steam isn't lying, the passwords and CC numbers were not stored as text. They (might) have the hash values or something like that, but not the numbers themselves. Hopefully. So yes it's similar to what happened with Sony in that they both got hacked, but the attitude of the companies along with how they stored data is VERY different.
Score
13
Anonymous
November 11, 2011 2:31:04 AM

[quoteDidnt we already go through this with Sony?[/quote]
sony had all the info UNENCRYPTED. steam uses 256bit AES encryption so your info is safe.
Score
12
November 11, 2011 2:43:21 AM

True sony did all the worng things in such a spectacular way, and this mess up is no where near that scale, however what makes me nervous though is the thought that Big companies still have a set up that allowes hackers to take all of our information, regardless if its incripted, in one trip. I thought this was the big lesson of the sony attack, dont put all your stuff in one place, dont make it so people can get everything in one go. spreading out sensitive information so no one can get all of it at once was the most important thing I got out of Sony's mess up, and I thought that it would be one of the first thing companies would fix.

Happy that its incripted this time though, at least its a move in the right direction. Sad that what I thought was one of the biggest mistakes was not thouroughly delt with. O well no ones perfect... or did I just miss the news on companies fixing this?
Score
0
November 11, 2011 2:56:03 AM

AbdullahGEA already does that job with Origin...


are you stupid?
Score
-12
November 11, 2011 3:05:54 AM

I got my replacement credit card in the mail two days ago already. The notice was about a third party data breach, but not where the breach occurred. Now I know that as well...
Score
-2
November 11, 2011 3:12:29 AM

kcorp2003are you stupid?

Come down with herpa derpies I see?
Score
6
November 11, 2011 3:17:05 AM

&.......this is why I'll never buy from steam
Score
-10
November 11, 2011 3:20:43 AM

not again with these hacking heists
Score
-1
November 11, 2011 3:42:09 AM

Fuck Valve
Score
-11
November 11, 2011 4:04:22 AM

xerrozFuck Valve


Valve is one of the FEW companies I trust... Every online database can be hacked, but it's not like they can get all your info just a click away. Valve has surely taken measures against that; unlike Sony, these people really care about providing good software.
Score
11
November 11, 2011 4:13:32 AM

Hmm... I only have a debit card which I use to buy crap online, including cheap Steam games. I think that for the effort those hackers deserve my $1.13 deposited on my debit card rofl!
Score
7
November 11, 2011 4:21:39 AM

What if some of the hacked accounts belong to some of the hackers, which they already know the credit card numbers, passwords, etc?

Wouldn't that help them crack the rest of the accounts more easily?
Score
5
November 11, 2011 4:51:06 AM

Khimera2000True sony did all the worng things in such a spectacular way, and this mess up is no where near that scale, however what makes me nervous though is the thought that Big companies still have a set up that allowes hackers to take all of our information, regardless if its incripted, in one trip. I thought this was the big lesson of the sony attack, dont put all your stuff in one place, dont make it so people can get everything in one go. spreading out sensitive information so no one can get all of it at once was the most important thing I got out of Sony's mess up, and I thought that it would be one of the first thing companies would fix.Happy that its incripted this time though, at least its a move in the right direction. Sad that what I thought was one of the biggest mistakes was not thouroughly delt with. O well no ones perfect... or did I just miss the news on companies fixing this?


im not an it person, but to me the idea of storing data seperatly seems... impractical, and even if they did, the data would still be easy enough to obtain, unless they have a way to lock it down the second they think data is being taken.

spikey in tnWhat if some of the hacked accounts belong to some of the hackers, which they already know the credit card numbers, passwords, etc?Wouldn't that help them crack the rest of the accounts more easily?


kind of... but you have to remember, they may know a few numbers and values, but they have to apply it in every area... like lets say you had a 100 mile streach of road, and you had to find one specific spot, but you only had about 1cm square to tell you where it is. yes, you can find it, but its like taking a million year task and making it 100000 years.
Score
1
November 11, 2011 5:16:10 AM

ben850 said:
Unlike Sony, Steam's data is encrypted with AES256. These hackers actually have a better chance at getting laid than to crack the data they stole.


I hope they get laid. By Bubba. In prison. And it better not be a quickie.
Score
12
November 11, 2011 5:18:45 AM

I didn't store my credit card information on Steam because of the whole Sony fiasco. Am I still safe? What information was compromised? Just personal information? What about transactional information? The letter does say "game purchases" but what does that REALLY mean? Do the offenders know the payment information of a particular purchase, to include credit card information? I might be a bit freaked out if that was the case.
Score
0
November 11, 2011 5:23:02 AM

Gabe is such a great guy and you can certainly feel his sincerity at the end. My view of Valve and Steam go unscathed from this.
Score
10
November 11, 2011 5:58:30 AM

The hacker sure looks determined in that photo.

And I gotta say, the ski mask really makes his tie "pop".
Score
9
November 11, 2011 7:31:16 AM

ben850Unlike Sony, Steam's data is encrypted with AES256. These hackers actually have a better chance at getting laid than to crack the data they stole.

Although, if they crack the data, their chances of getting laid will increase also
...
In prison!!!
Score
7
November 11, 2011 7:44:12 AM

back_by_demandAlthough, if they crack the data, their chances of getting laid will increase also...In prison!!!


I don't think Bubba or Antwan will care about their proxy servers :$
Score
6
November 11, 2011 8:48:12 AM

awww fuck me.

You know they wouldn't steal it if they couldn't get something out of it.

Gonna need a seperate set of cards / emails etc for the derpy companies I buy from.
Score
1
Anonymous
November 11, 2011 8:57:30 AM

i dont understand one thing , i never used forums, i will still be affected? or they use separate database for steam and for forum.Anyway this sux .After sony fail any company should improve security when its about personal info about clients, payments and cards.I expect more detailed info asap from u valve
Score
-2
November 11, 2011 9:17:50 AM

How do you like steam now? If I didn't have to go through Steam to play my game I wouldn't have been hacked!
Score
-2
November 11, 2011 9:40:04 AM

neon871How do you like steam now? If I didn't have to go through Steam to play my game I wouldn't have been hacked!

... your point is mute, you DON'T have to go through steam to play your games, you can run out to the best/closest retailer near you, buy them, and run them with out ever needing steam.

Steam getting hacked is a terrible blow to the gamer community. However, by not storing credit card info; or not doing it any more if you have, and chaning all of ones forum and steam login passwords the likely hood of anything happening to you from the stolen data is considerably small, probably less than 10%. You might get a influx in phishing attempts and spam mail, but good old filters and IP reporting can eleviate that.
Score
1
November 11, 2011 9:43:58 AM

VALVE.

I AM DISAPPOINT.
Score
-4
November 11, 2011 10:24:29 AM

Oh, no. Not this...
Score
0
November 11, 2011 11:19:08 AM

ichy... your point is mute


The term you were looking for is "moot"
Score
4
November 11, 2011 11:39:56 AM

And there ya go - another myth busted about STEAM being this unbeatable service.

Steam is just as lapsed as every other "Secure" system.
Score
-3
November 11, 2011 11:52:10 AM

STravisThe term you were looking for is "moot"



Thanks, for some reason I like to use mute instead of moot.. dunno why just do.
Score
0
November 11, 2011 12:55:29 PM

I could care less...I buy my games from the local store. Having to login to a service to play a game I purchased is non-sense. Hack away, I hope they take steam down for several days at the least.
Score
-6
Anonymous
November 11, 2011 1:31:08 PM

@spikey in tn

Doesn't quite work like that, encryption is a multi-stage data transformation process, each stage of the process is designed to makes it harder to reverse engineer the actual encryption routine itself (which has enough variability to allow each company to create a unique routine for their own purposes), it is actually possible to have two different encryption keys yield the same encrypted data result, compound this with the fact that the passwords were also salted, so even if you knew one set of results the chances of reverse engineering another is extremely difficult

@Netherscourge

In case you missed it, Valve did not simply think that a big heavy door equated to a secure system, they had setup a layered security system, yes the crooks broke down the front door, but fact is the data was encrypted and the password salted as well as the segmentation of servers meant they did not believe the front door was the be all end all of a security system
Score
3
November 11, 2011 1:38:59 PM

ROFLMAO, I like Origin!!
Score
-5
November 11, 2011 2:37:15 PM

ben850Unlike Sony, Steam's data is encrypted with AES256. These hackers actually have a better chance at getting laid than to crack the data they stole.

You SO made my day!
Score
2
November 11, 2011 4:39:13 PM

That's why I haven't bought the DLC for Supreme Commander 2. I don't trust companies to keep my private information safe. Its also why you are recommended to never use your debit card for purchases, even though its convenient and works. Credit card with low APR is the way to go.
Score
0
November 11, 2011 4:40:22 PM

SteveymooVALVE.I AM DISAPPOINT.


Your grammer is DISAPPOINT. LOl
Score
0
November 11, 2011 4:40:47 PM

"Your Steam Account
$0.00
Wallet Balance
+ Add funds to your Steam Wallet
There is no stored credit card information associated with your account."

;)  Sorry for everyone else. Really. Hackers: You suck!
Score
0
November 11, 2011 4:41:47 PM

Also, I got no warning. However last night at like 3am I did get kicked off Steam.
Score
0
Anonymous
November 11, 2011 4:50:03 PM

There has been no successful hack of AES 256.
Score
2
November 11, 2011 4:51:58 PM

Quote:

Steveymoo :

VALVE.I AM DISAPPOINT.





Your grammer is DISAPPOINT. LOl



Look who's talking (typing). ---->grammar
Score
0
November 11, 2011 6:34:17 PM

To be honest, I'm not concerned. The important data was hashed and salted unlike the unencrypted sony snafu. I will continue to use steam happily.
Score
2
!