Last Sunday a breach of security was detected on the Steam Forums which led to a temporary removal of service.
This is just another breach in what is becoming an increasing list of hacks on the gaming networks and companies on which we depend to download content and game online securely.
Following this unauthorised access Valve has acknowledged that personal information was compromised and access was gained to more than just the forums.
Company president Gabe Newell has sent an IM to the whole Steam user base stating the following:
“We learned that intruders obtained access to a Steam database in addition to the forums” he wrote.
“This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information.
“We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
“We don’t have evidence of credit card misuse at this time,” Gabe says. “Nonetheless you should watch your credit card activity and statements closely.”
It has been advised that if you use the same password for the Steam forums as other accounts that you should change these as well as a precaution. This is especially advisable if your main Steam account has the same password.
With more and more multi-player games relying on client applications and publisher only dedicated servers for you to play we need to start asking if the security risks will stop us from playing online in the future. It might be a real consideration for publishers in the future to continue releasing the dedicated server code. Would mean I get to play Battlefield 3 MP sooner rather than later and having to rely on access through Origin.
Gabe Newell is extremely apologetic and I think we can all say that Valve is working hard on resolving this and improving any vulnerabilities they might find.
Keep calm and frag on.