Steam Hacked | Credit Card Information at Risk

[Fox5]

Gabe responds to emails involving the hacking:

BS.

Valve has a way to decrypt the data, that means the hackers could potentially have a way to decrypt the data. Encrypted data only protects you if the hackers only grab the data, and not the keys that go with the data. In theory, once they're on the system, they could have even asked the system to decrypt the data for them.

 

[ViviTheMage]

On a possibly related note, my debit card was used for two separate $122 ATM withdrawals on 10/15 and 10/20 in a place I've never been to.

Doesn't hurt to check, boys.

uncool!

 

[CrystalBay]

Steam forums are back up...

 

[Skott]

Guys, would this affect those who pay via paypal?

Sent from my GT-I9100 using Tapatalk

I'm curious about this as well. From what I have heard PP gives you an extra level of protection though so shouldn't be as vulnerable as a CC. At least thats what I hear. Hopefully the perp/s are doing nothing with the info they stole.

 

[MacLeod1592]

Has PayPal ever been hacked? With all these hackers breaking into everything from Sony to the Pentagon, youd think somebody whos sole business is to keep hundreds of millions of bank account records would be way up there on the hit list. But to my knowledge, its never been hit.

 

[RavenSEAL]

Has PayPal ever been hacked? With all these hackers breaking into everything from Sony to the Pentagon, youd think somebody whos sole business is to keep hundreds of millions of bank account records would be way up there on the hit list. But to my knowledge, its never been hit.

They probably get hit every day, but most likely never get breached. If it did, and something leaked; it would be the end of eBay as we know it and the eFinancial maket will fall into chaos, Paypal is an example of when knowing too much could be extremely bad.

 

[techforums]

BS.

Valve has a way to decrypt the data, that means the hackers could potentially have a way to decrypt the data. Encrypted data only protects you if the hackers only grab the data, and not the keys that go with the data. In theory, once they're on the system, they could have even asked the system to decrypt the data for them.

it was fake. http://i.imgur.com/LW44c.png

 

[NoCreativity]

Thanks Steam. Thanks for fu*king e-mailing me about something like this. Oh wait, you didn't. And I didn't see the news update/notice either. F*ck.

That pisses me off. Instead of doing the responsible thing and sending out the e-mail to all their users, they post a message in a place that people may not visit on a regular basis. Good job.

I check my e-mail every day, I almost never visit steam forums so I never would have known if I didn't visit AT.

I understand that things happen. Just fucking properly notify me if/when it does so I can do some proper containment.

Reminds me of the monoprice crap. An otherwise great company failing hard when a breach happens.

 

[AMDZen]

it was fake. http://i.imgur.com/LW44c.png

Wait so how was that email faked too?

 

[techforums]

Wait so how was that email faked too?

it was supposedly created by someone from 4chan.

 

[SpatiallyAware]

That pisses me off. Instead of doing the responsible thing and sending out the e-mail to all their users, they post a message in a place that people may not visit on a regular basis. Good job.

I check my e-mail every day, I almost never visit steam forums so I never would have known if I didn't visit AT.

I understand that things happen. Just fucking properly notify me if/when it does so I can do some proper containment.

Reminds me of the monoprice crap. An otherwise great company failing hard when a breach happens.

I agree on the monoprice breech, it caused me to stop buying from them even though I like their products.

 

[s1njin]

That pisses me off. Instead of doing the responsible thing and sending out the e-mail to all their users, they post a message in a place that people may not visit on a regular basis. Good job.

I check my e-mail every day, I almost never visit steam forums so I never would have known if I didn't visit AT.

I understand that things happen. Just fucking properly notify me if/when it does so I can do some proper containment.

Reminds me of the monoprice crap. An otherwise great company failing hard when a breach happens.

I didn't know about monoprice !! SOB ....

As for Steam - I use PayPal. I'm so tired of giving everybody my CC info.

 

[SpatiallyAware]

I didn't know about monoprice !! SOB ....

As for Steam - I use PayPal. I'm so tired of giving everybody my CC info.

Hell, I'd almost rather a hacker have my CC nums and auth code than my paypal login.


The monoprice breech is an example of the worst way to deal with a breech by far.

It was first noticed on some forums.. Someone who had a card they only use at monoprice had a bunch of charges. Then a bunch of others popped up saying it happened to them as well. Monoprice basically said there may or may not have been a breech and no reason to worry at this time.

Meanwhile LOTS of people were noticing bizarre charges, eventually they admitted that there was some sort of breech but it didn't affect CC. Then it 'maybe' affected CCs as they were being processed. Then it maybe affected a non-CC server. Eventually I believe they blamed it on their CC processing company.


As far as I know they never officially notified anyone of anything.. All info was through some banner on their website or something. It was an obvious 'cover-up' attempt.

 

[manko]

As for Steam - I use PayPal. I'm so tired of giving everybody my CC info.

Look into virtual CC numbers which some companies offer. That means you have a different unique number for each purchase. You can set a certain amount and expiration date and the number is only good at one vendor. That way if any store loses your CC info, the card number usually is expired with $0 value, can't be used by any other vendor and doesn't have your actual physical card number, so it's worthless.

Virtual CCs are also good to prevent companies from overcharging you or automatically continuing to charge you for something you cancelled or where they absolutely need a CC on file for some reason (just make a $1 value virtual CC).

 

[Aikouka]

Hell, I'd almost rather a hacker have my CC nums and auth code than my paypal login.

I've set up a few PayPal authorizations over the past couple of days, and I really don't think that the companies will store anything like your login information at all. When you set one up, you are redirected to PayPal (in a browser), where you log in and state that you wish to create a merchant link (or some name like that) with the merchant (Steam, Amazon, iTunes, etc.)

My assumption is that PayPal will provide the service with some sort of "merchant link id", which it uses in conjunction with its own id (provided by paypal... like a "merchant id") to actually place a charge on your PayPal account.

Now, this is really just my own musings as to how it works. It may not be accurate at all, but it seems viable. It's sort of like a public/private key system.

 

[Destiny]

When the playstation network was hacked they stole my credit card info and someone used it to sign up for an eHarmony Account... got that card canceled...

Now our steam accounts got hacked! D:

As I'm typing this I just remembered I had the same card used for PSN also for my Steam account too... so if they did steal my CC then its already canceled... sucks for them

 

[s1njin]

Hell, I'd almost rather a hacker have my CC nums and auth code than my paypal login. The monoprice breech is an example of the worst way to deal with a breech by far.

My PayPal account is pretty limited. Its not tied to any bank account. And its tied to one credit card that is used for NOTHING else.

My exposure is pretty limited, and it'll be easy to see if any snafu occurs.

 

[Via]

What the flunk?

I went to buy the Oblivion deal, and for the first time it says my pasword is wrong. So I go to change it.

Steam sends the change code to my main e-mail account, and when I go to retrieve it the e-mail account is "temporarily unavailbale".

It's been that way for an hour now. All of my other e-mail accounts work fine. I have some urgent e-mails to respond to in that account!

Steam fucking Steam stuff is one thing, but leave my personal acocunts out of this!!!!!!!!!

 

[Dankk]

What the flunk?

I went to buy the Oblivion deal, and for the first time it says my pasword is wrong. So I go to change it.

Steam sends the change code to my main e-mail account, and when I go to retrieve it the e-mail account is "temporarily unavailbale".

It's been that way for an hour now. All of my other e-mail accounts work fine. I have some urgent e-mails to respond to in that account!

Steam fucking Steam stuff is one thing, but leave my personal acocunts out of this!!!!!!!!!

Ummm.... I hope you aren't blaming this on Valve, lol

 

[Via]

I was able to access the account right before all of this, and all of my other acounts still work fine .

update - Almost 2 hours and the one single e-mail account with the Valve info is still down. I've tried every other hotmail account I have repeatedly and they work fine.

If you expect me to believe that's not a coincidence I've got a bridge to sell you.

 

[Locut0s]

What the flunk?

I went to buy the Oblivion deal, and for the first time it says my pasword is wrong. So I go to change it.

Steam sends the change code to my main e-mail account, and when I go to retrieve it the e-mail account is "temporarily unavailbale".

It's been that way for an hour now. All of my other e-mail accounts work fine. I have some urgent e-mails to respond to in that account!

Steam fucking Steam stuff is one thing, but leave my personal acocunts out of this!!!!!!!!!

Ummm.... I hope you aren't blaming this on Valve, lol

I was able to access the account right before all of this, and all of my other acounts still work fine .

update - Almost 2 hours and the one single e-mail account with the Valve info is still down. I've tried every other hotmail account I have repeatedly and they work fine.

If you expect me to believe that's not a coincidence I've got a bridge to sell you.

Sometimes those selling bridges are wearing tin foil hats.

 

[tedrodai]

I was able to access the account right before all of this, and all of my other acounts still work fine .

update - Almost 2 hours and the one single e-mail account with the Valve info is still down. I've tried every other hotmail account I have repeatedly and they work fine.

If you expect me to believe that's not a coincidence I've got a bridge to sell you.

So did you get access back? Or contact Hotmail about it to get it fixed?

Anywho, my CC hasn't had any bogus charges.

 

[Barfo]

I've always used Paypal to pay for my Steam games, I can assume I'm safe, right?

 

[Skott]

I've always used Paypal to pay for my Steam games, I can assume I'm safe, right?

I would think you are safer than the average CC user.

 

[Via]

So did you get access back? Or contact Hotmail about it to get it fixed?

Anywho, my CC hasn't had any bogus charges.

I got access back the next day - over 24 hours later.

It probably was just a coincindence, but it is really that much of a strecth to think Valve was being overly careful in the wake of the PSN scandal and contacted hotmail to put a hold on the e-mail account until everything could be verified?

My purchase was very strange. Everything was fine; I had checked out and was waiting for the "install game" option when Steam suddenly asked for my password and subsequently wouldn't accept it (my password works again, by the way). I have to assume some sort of red flag went up.

I was able to get Steam to send a "change password" code to my e-mail, and that's when my account locked up. Only that one account.