Depending on your holiday plans, players might have had some issues with Steam. The game service went down during the #Christmas holiday. Gamers on Twitter reported issues logging onto the download service. But that was not the biggest issue, bugs caused users to randomly get access to other customer’s account information with a glitch that changed the language of Steam client.
Users ended up looking through their Steam Client, clicked their username on the top right, then selected “Account Details.” Someone else’s name and email address were visible after refreshing the content. Showing private information from other accounts, including partial credit card numbers, email addresses, balance and purchase history.
SteamDB speculates the problem was caused with a caching issue, recommending that no one use the Steam Store until it’s resolved.
Valve is having caching issues allowing users to view things such as account information of other users. Don't use Store for now.
— Steam Database (@SteamDB) December 25, 2015
This meant avoiding the Store in one of the years biggest sales until Valve makes a statement. But this came in an unofficial response from a Steam Community Moderator”
“We’ve gotten reports that people sometimes see other people’s account information on the account page. Valve has been made aware of this and are working on a fix.
Some frequently asked questions:
– No, Steam is not hacked
– Creditcard info and phone numbers are, as required by law, censored and not visible to users on said page”
Update #2: Now the server and store is back up and running. Valve’s official word on the matter:
“Steam is back up and running without any known issue. As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users.”
Update #3: So this is the last word from Valve. No “action” may have taken place on accounts, such as unwanted purchases, personal information being leaked, including names, email addresses, and partial credit card and phone numbers. That information can be used for fraud and phishing, “no additional action” may be needed to secure your Steam account, so use vigilance.