Gabe Newell Gives Update on Steam Hack of 2011

Valve Software bossman Gabe Newell released an update in regards to the studio's investigation into the Steam hack that took place last year. He said the investigation is still ongoing, and includes the help of outside security experts.

So far he stands firm on his previous announcement that intruders did indeed access the Steam database, but there's no evidence to suggest that credit card numbers and billing addresses were stolen. Still, Steam members should keep an eye on their credit card statements for suspicious activity nonetheless.

"Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008," he said on Friday. "This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords."

"We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised," Newell adds. "However as I said in November it's a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well."

"We are still investigating and working with law enforcement authorities," he concludes. "Some state laws require a more formal notice of this incident so some of you will get that notice, but we wanted to update everyone with this new information now."

Newell said back in November that the intrusion which defaced the Steam forums was more than just graffiti on the wall, that hackers gained access to a Steam database in addition to the forums.

"This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information," he said in November. "We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked."

Newell said he didn't know of any compromised Steam accounts, but suggested that users should change their passwords nonetheless.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
16 comments
    Your comment
    Top Comments
  • Hax0r778
    I appreciate that Valve is communicating really well about this problem (way better than Sony did after they were hacked). Now why can't they communicate this well about HL3?
    25
  • fonzy
    It's funny, it doesn't matter what happens over at valve it always comes back to HL3.
    11
  • Other Comments
  • Hax0r778
    I appreciate that Valve is communicating really well about this problem (way better than Sony did after they were hacked). Now why can't they communicate this well about HL3?
    25
  • manchuwarrior
    I'm not surprised about the recent update since the hacked FBI call mentions the Steam situation.
    2
  • cliffro
    I'm glad my bank decided to send me another debit card because some 3rd party they worked with was compromised, It covers both breaches for me.
    1