Steam hacked - All Steam users are adviced to change their Steam passwords(Nov. 2011)

The_J

The_J

Say No 2 Net Validations
Administrator
Supporter
Joined
Oct 22, 2008
Messages
39,567
Location
DE/NL/FR
Our good friend Locutus from WePlayCiv noticed us about a recent event: The steam forums were hacked last saturday, and now it seems the hackers also gained access to Steam itself and were able to access user names, email addresses, hashed update and salted /update passwords, billing addresses and encrypted credit card information. The current status is that neither the passwords nor the credit card information has been cracked yet.
Every steam user, which includes every Civilization 5 user and partially also Civ3 and Civ4 users, are adviced to change their passwords and to keep an eye on their bank accounts.
For external information please see Kotaku or RockPaperShotgun.

Update: Concerned users might want to activate Steam guard, for more information please see here.
Thanks to Maniacal for these additions.
 
The_J said:
Our good friend Locutus from WePlayCiv noticed us about a recent event: The steam forums were hacked last saturday, and now it seems the hackers also gained access to Steam itself and were able to access user names, email addresses, hashed passwords, billing addresses and encrypted credit card information. The current status is that neither the passwords nor the credit card information has been cracked yet.
Every steam user, which includes every Civilization 5 user and partially also Civ3 and Civ4 users, are adviced to change their passwords and to keep an eye on their bank accounts.
For external information please see Kotaku or RockPaperShotgun.
Click to expand...

Thanks for the info :)
Could you mention how to change your password on Steam?
 
http://www.wired.com/gamelife/2011/11/steam-hacked/

Valve: Hackers Accessed Steam Users’ Encrypted Passwords, Credit Cards

Hackers gained unauthorized access to user information on the digital videogame distribution service Steam last weekend, the company that runs the service has said.

Information in the database, which was accessed on Sunday, November 6, included “user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information,” according to a note that Valve CEO Gabe Newell sent to all Steam accounts on Thursday. Valve forwarded the note to media including Wired.com, saying that the company was “still investigating” whether the information was taken by the hackers.

“We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked,” the note read. “We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.”

There are over 35 million registered accounts on Steam, which allows users to buy games, maintain friends lists and play against one another. Earlier this week, Valve took down Steam’s forums for what it said was “maintenance.” On Monday, some users reported that the message board had been hacked and flooded with advertisements for a group called FknOwned.

Valve said on Thursday that it originally believed that only its forums had been compromised and only found later after an investigation that hackers had access to the user information database.

Valve confirmed that some forum accounts had been compromised, saying it will require all users to change their passwords once the message boards are back up.

Since forum accounts are separate from the standard Steam service, the company said it does not plan to force Steam users to change their passwords, but it suggested that it “wouldn’t be a bad idea” to change that as well.
 
I love that I'm finding this out from a Civ fansite and not from Valve itself - you know, when I log into Steam, like right now, immediately.

Christ, Valve. Get your head out of your ass for once.
 
Turquoiside said:
And so once again, I'm glad I passed on CiV.
Click to expand...

I can't say glad, but this is sure an evidence where the problems with these online DRM systems are.

SuperJay said:
I love that I'm finding this out from a Civ fansite and not from Valve itself - you know, when I log into Steam, like right now, immediately.

Christ, Valve. Get your head out of your ass for once.
Click to expand...

If you try to access their forums, you'll directly get the message which was posted by Fabiano79.
 
It should be the first thing that happens when you turn it on.

I mean geez, many of us didn't want this in the first place but had it shoved down our throats, all the while with people telling us how great it is.
 
Thanks for the warning J. I wasn't hacked, but I'm changing my passwords anyway.
 
The_J said:
I can't say glad, but this is sure an evidence where the problems with these online DRM systems are.
Click to expand...
Where are all the preachers about how people who don't love Steam-like crap are paranoid and stuck in the past ?

Wouldn't it be fun if they get their bank accound flushed and their games locked as a result ? :p
 
Good thing Valve actually encrypted the account information and stuff for Steam, unlike Sony when they were hacked earlier this year (Sony denied and then didn't admit that they had been hacked until a week later...).

If anyone hasn't done it yet (and there is no reason you shouldn't have it already enabled) go into your Steam settings and enable Steam Guard. It makes it so that if you (or someone else) logs into your account on a computer that you have not approved already they have to enter a code that is sent to your e-mail account, if they don't have that code they can't log in. So Steamguard should pretty much stops someone Stealing your account already. Hell you can't even change your password without entering getting an auth code that is e-mailed to you.

What will be interesting to see is how many people stupidly used the same passwords and account names for their forum accounts as they used for their Steam accounts.
 
I've precariously deleted my steam account together with my civ V game. I didn't play it anyway....
 
bossconian said:
I've precariously deleted my steam account together with my civ V game. I didn't play it anyway....
Click to expand...

FYI you can't delete your Steam account (just like you can't delete your account on many sites), it still exists for you to log into again. If you really don't want to ever use yours again, I (or anyone without Civ5 who wants it) would be more than happy to take it.
 
Go into Steam settings, change your password. As soon as you ask to do so, an email will be sent to your email address of record. Check your email, get the code provided in it, enter the code in the change-password box, and proceed. Prevents any of the hackers from being able to change your account password, if they actually ever got to any of them. Took a couple minutes. As for being worried about the possibility of your credit card info getting hacked or stolen online, heh. Every institution in the world is in the same boat, and at the same risk. Many companies and government entities much bigger and with far larger security budgets than Valve, have gotten hit worse. ::shrug:: It's a credit card. I'm not worried about anybody 'cleaning me out' if they ever did happen to get ahold of the info. Credit cards have excellent consumer protections, and you don't have to pay for fraudulent use of yours by thieves. They remain the safest way to do business in this online world. People who freak out over such things are just ignorant.

Moderator Action: Please don't antagonize people that have legitimate concerns by calling them ignorant. Thanks.
Please read the forum rules: http://forums.civfanatics.com/showthread.php?t=422889
 
So all those "paranoid" people (like me) were right after all. I'll be keeping my computer a steam free environment.
 
SuperJay said:
I love that I'm finding this out from a Civ fansite and not from Valve itself - you know, when I log into Steam, like right now, immediately.

Christ, Valve. Get your head out of your ass for once.
Click to expand...

They did.

Spoiler :
 
Kinda scary, changed mine and my wife's passwords.

...Now we play the waiting game. (no puns intended)
 
Odd my steam doesn't show that. Even if I go to the news tab and search for it I still don't find it. Though I do find Kohaku(or whatever) articles about it. . . So this is the first I have heard of it!
 
scratchthepitch said:
So all those "paranoid" people (like me) were right after all. I'll be keeping my computer a steam free environment.
Click to expand...

Yep, me to. So much trouble for playing a single player game...
 
You must log in or register to reply here.

Similar threads

Kaitzilla
Attention Divorce Lawyers, Ashley Madison Hacked!
4 5 6
Replies
108
Views
7K
daft
D
The_J
  • Locked
Steam hacked - All Steam users are adviced to change their Steam passwords
Replies
0
Views
2K
The_J
The_J
ArneHD
"How to hack an election", Election manipulation in South and Latin America
Replies
10
Views
2K
Valka D'Ur
Valka D'Ur
Y
The War Z (MMO game) got royally hacked! LOL
Replies
6
Views
1K
Farm Boy
Farm Boy
Kaitzilla
Largest Hack in U.S. history
2
Replies
20
Views
3K
JollyRoger
JollyRoger
Top Bottom