Sign in with
Sign up | Sign in

Gabe Newell Gives Update on Steam Hack of 2011

By - Source: Valve PR | B 16 comments

There's still no evidence that hackers stole credit card numbers and billing addresses, reports Valve bossman Gabe Newell.

Valve Software bossman Gabe Newell released an update in regards to the studio's investigation into the Steam hack that took place last year. He said the investigation is still ongoing, and includes the help of outside security experts.

So far he stands firm on his previous announcement that intruders did indeed access the Steam database, but there's no evidence to suggest that credit card numbers and billing addresses were stolen. Still, Steam members should keep an eye on their credit card statements for suspicious activity nonetheless.

"Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008," he said on Friday. "This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords."

"We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised," Newell adds. "However as I said in November it's a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well."

"We are still investigating and working with law enforcement authorities," he concludes. "Some state laws require a more formal notice of this incident so some of you will get that notice, but we wanted to update everyone with this new information now."

Newell said back in November that the intrusion which defaced the Steam forums was more than just graffiti on the wall, that hackers gained access to a Steam database in addition to the forums.

"This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information," he said in November. "We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked."

Newell said he didn't know of any compromised Steam accounts, but suggested that users should change their passwords nonetheless.

Discuss
Display all 16 comments.
This thread is closed for comments
Top Comments
  • 25 Hide
    Hax0r778 , February 10, 2012 9:20 PM
    I appreciate that Valve is communicating really well about this problem (way better than Sony did after they were hacked). Now why can't they communicate this well about HL3?
  • 11 Hide
    fonzy , February 10, 2012 9:49 PM
    It's funny, it doesn't matter what happens over at valve it always comes back to HL3.
Other Comments
  • 25 Hide
    Hax0r778 , February 10, 2012 9:20 PM
    I appreciate that Valve is communicating really well about this problem (way better than Sony did after they were hacked). Now why can't they communicate this well about HL3?
  • 2 Hide
    manchuwarrior , February 10, 2012 9:21 PM
    I'm not surprised about the recent update since the hacked FBI call mentions the Steam situation.
  • 1 Hide
    cliffro , February 10, 2012 9:44 PM
    I'm glad my bank decided to send me another debit card because some 3rd party they worked with was compromised, It covers both breaches for me.
  • 11 Hide
    fonzy , February 10, 2012 9:49 PM
    It's funny, it doesn't matter what happens over at valve it always comes back to HL3.
  • 8 Hide
    joytech22 , February 10, 2012 10:38 PM
    Sony gets hacked: Unencrypted card details stolen, network goes down for weeks.

    Valve gets hacked: Old backup file and encrypted card details stolen, no noticeable problems except forum was closed for a while.
  • 0 Hide
    alidan , February 10, 2012 10:44 PM
    someone got my account and tried to get access for a while... annoying that i had to change my password.
  • -1 Hide
    kjsfnkwl , February 10, 2012 11:41 PM
    Oh, so I have nothing to worry about because I made my account in 2009. That's a relief.
  • 1 Hide
    tolham , February 11, 2012 12:36 AM
    this is why i don't let websites save my credit card info.
  • -1 Hide
    buckcm , February 11, 2012 1:34 AM
    I don't know about getting hacked, but I think this phishing website under the guise of "Steam Works" and "Valve Software" nailed me for a bunch of transactions between Christmas and New Years last year. Apparently an investigation is ongoing by EA.
  • -4 Hide
    ltdementhial , February 11, 2012 4:01 AM
    Hax0r778I appreciate that Valve is communicating really well about this problem (way better than Sony did after they were hacked). Now why can't they communicate this well about HL3?


    Oh din't you know? Valve cant count to 3...they're ashamed of that and doesnt anyone to know it.


    Excuse my lame english
  • 1 Hide
    fakie , February 11, 2012 6:59 AM
    Gabe, the BOSS MAN
  • 0 Hide
    billybobser , February 11, 2012 3:15 PM
    So only my email got sold to spammers, that's a relief...
  • 1 Hide
    razor512 , February 12, 2012 4:36 AM
    jerk hackers,why couldn't they have released details on half life 3 instead?
  • 3 Hide
    onanonanon , February 13, 2012 11:52 AM
    Razor512jerk hackers,why couldn't they have released details on half life 3 instead?

    Because there probably aren't any...
  • 0 Hide
    zak_mckraken , February 13, 2012 1:16 PM
    Hax0r778I appreciate that Valve is communicating really well about this problem (way better than Sony did after they were hacked). Now why can't they communicate this well about HL3?

    Maybe they are communcating well about HL3. Maybe it's just not happening... God I hope it ain't the case!
  • 0 Hide
    Anonymous , March 22, 2012 5:53 PM
    Well, here some evidence for you Gabe. My credit card info, ONLY used online to buy some steam games was recently used by a someone to play some poker online (around 350$)