Steam Hack?

Chyron8472Chyron8472
edited November 2011 in General Chat
I just received a message in Steam saying that users' account information including passwords were recently compromised, and that I would be required to change my password n my next login. So, I logged out of Steam and back in again but it didn't ask me to change my password. Has anyone else had a message like this?

Comments

  • AlcoremortisAlcoremortis
    edited November 2011
    I haven't logged onto Steam, but Ringmaster just sent me an article confirming this.

    Here we go!

    I think I'll move to Canada now. Ciao, folks!
  • Gman5852Gman5852
    edited November 2011
    Well. Ill be changing my password/deleting credit card info now.

    I hope I can do that on the website.
    EDIT:Oh wait, I signed up for steam security. That means they need my email as well to get my steam account. :D
  • Chyron8472Chyron8472
    edited November 2011
    you mean Steam Guard? I have that set up also.

    Further, I pay for all Steam purchases with my Paypal account, and Steam won't know my Paypal password nor the payment info that Paypal uses.
  • Rather DashingRather Dashing
    edited November 2011
    Guys, all the info is here.
    Gabe Newell wrote:
    Dear Steam Users and Steam Forum Users:

    Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

    We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

    We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

    While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

    We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

    We will reopen the forums as soon as we can.

    I am truly sorry this happened, and I apologize for the inconvenience.

    Gabe.
  • Gman5852Gman5852
    edited November 2011
    Chyron8472 wrote: »
    you mean Steam Guard? I have that set up also.

    Further, I pay for all Steam purchases with my Paypal account, and Steam won't know my Paypal password nor the payment info that Paypal uses.

    Yeah same here.

    Im also a paranoid person, so I
    deleted the info on the credit cards
    Changed my password
    And Steam Guard was already on.(thanks browser version of steam)

    Overkill? Yes, but I don't care.
  • GaryCXJkGaryCXJk
    edited November 2011
    Beh, it's time for me to change to the more generally used version of my password anyway.

    And, since I already use at least three different passwords overall (thinking about adding a fourth to it), and one of my passwords has various variations with or without added numbers and / or underscores, I'm probably good.
  • Nintendo Boy1Nintendo Boy1
    edited November 2011
    This might explain why those random emails about canadian medicines were sent to my contacts, sunday. Oh man, my password for the forums are the same as the one for my steam account; and I have two of my brother's credit card number's saved and forgot to take them out. Well shit. I guess will have to fund out when the bill comes...
  • RawrRawr
    edited November 2011
    Just tell your brother to watch out for any odd looking charges. Then get him to phone up his bank, explain that the charge wasn't made by him, and they should refund the charge, cancel the card and send you a new one.

    Getting a tad sick of all these hacks really. Had just gotten over the whole PSN debacle. :|
  • Gman5852Gman5852
    edited November 2011
    Also, delete your credit card info now online. Best to make things as hard as possible for the hackers to get your info.
  • Nintendo Boy1Nintendo Boy1
    edited November 2011
    Well I deleted it, I just hope that the email thing was a concidence...
  • AlcoremortisAlcoremortis
    edited November 2011
    They can keep my email and see what good it does them, for I have no contacts added. I just never got around to it.

    See, I have beaten the hackers through LAZINESS.

    This is also the reason that I never put my credit card info on the site. That and I'm paranoid.
  • ProfanityProfanity Banned
    edited November 2011
    That is why I never, NEVER choose the save the credit card info. Unless those bastards save it nonetheless.

    One of the worst things to wake up to, lately. Changed... well, everything: Pass, email, secret question, both current and previous email passwords.

    paranoid-parrot-22.png

    We really are horrible paranoids, aren't we? Personally, my first thought was that the forum message warning us about the hack, was a message left by hackers.
  • der_ketzerder_ketzer
    edited November 2011
    If you let them store your info or have no differing password for your Steam then you are doing it wrong anyways.
  • ElvenmonkElvenmonk
    edited November 2011
    Gman5852 wrote: »
    Also, delete your credit card info now online. Best to make things as hard as possible for the hackers to get your info.

    If they've downloaded the files or cracked them then there's no point.
  • Gman5852Gman5852
    edited November 2011
    Elvenmonk wrote: »
    If they've downloaded the files or cracked them then there's no point.

    But. BUUT! What if its like they have access to the database, and files. That would mean that the credit card part would update to me having no card what so ever.

    But still, it is a precausion Im taking even if its in vain.
  • ProfanityProfanity Banned
    edited November 2011
    Gman5852 wrote: »
    But. BUUT! What if its like they have access to the database, and files. That would mean that the credit card part would update to me having no card what so ever.

    But still, it is a precausion Im taking even if its in vain.

    They had access and got the files, no way they're still in the database.
  • Gman5852Gman5852
    edited November 2011
    Profanity wrote: »
    They had access and got the files, no way they're still in the database.

    Well then lets hope they honestly haven't gotten our information then. Still deleted/changed everything for good measure.
  • ProfanityProfanity Banned
    edited November 2011
    Gman5852 wrote: »
    Well then lets hope they honestly haven't gotten our information then. Still deleted/changed everything for good measure.

    I think they did. Though I don't think they'll break the encryption, at least not anytime soon.
Sign in to comment in this discussion.