Locut0s
Lifer
- Nov 28, 2001
- 22,281
- 43
- 91
I deactivated mine. Kind of annoying since I don't have a very good back up card to use. :\
I seriously think you guys doing this are overreacting. But anyway I could be wrong.
I deactivated mine. Kind of annoying since I don't have a very good back up card to use. :\
So what's the verdict? Cancelling my credit card that I use on Steam will be a huge hassle since I am overseas.
Don't bother him with facts, he's just doing his work as the forum's resident asshole."This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information."
Huge difference between PSN plain text bullshit and Valves "hashed and salted" info.
Having said that, at the very least I expect Valve properly salted their database, to a degree that would make precomputing tables infeasible.
Personal information like email and password is hashed but not salted. Credit card and financial information is hashed + salted and the salt is computed at the time the information is entered and kept on a server separate from the DB server.
Gabe responds to emails involving the hacking:
Your CC number is actually the last thing I would worry about here. It's the most secure and has the most people backing you up on. Even if somehow your number gets compromised credit card companies are extremely good at reversing / forgiving faulty charges. It's any other info they may have in that database that I would be more worried about. Luckily it's probably just your name, address, phone number and the like, which is freely available to anyone and everyone already. Not saying this is nothing to worry about. I'd still take precautions but it's nothing to panic about.
Thanks Steam. Thanks for fu*king e-mailing me about something like this. Oh wait, you didn't. And I didn't see the news update/notice either. F*ck.
This is probably the only website/store where I have my CC info saved. Now I can't even find where I can delete it, but I guess there's no point since it's already been taken - not on my account page. It's my main CC. *sigh*
Wonder if I should notify my CC company while I'm ahead. At least Steam made it public.
Edit: Sent my CC provider an e-mail. Covers my ass in case their database "encryption" fails.