Email and billing addresses, encrypted passwords and personal data has been breached
The PC’s biggest online core games portal has been hacked, with a database of information breached and personal data compromised.
A plundered Steam database, managed by games giant Valve, contains information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card data.
The Washington group’s president, Gabe Newell, has issued an apology to users.
As of October 2011, there were around 35 million active user accounts on Steam. It is not known if a portion or the entirety of Valve’s customer network has been hacked into.
The attack likely occurred on Sunday, November 6th, when it was discovered that the Steam forums had been breached.
“We began investigating and found that the intrusion goes beyond the Steam forums,” Newell explained in a massage to the media.
“We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating,” he added.
“We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely. While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.
“We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.
“We will reopen the forums as soon as we can. I am truly sorry this happened, and I apologize for the inconvenience.”
The attack has the potential to be the second biggest scalp claimed by hackers in 2011.
Earlier in the year, both the PlayStation Network and the Sony Online Entertainment servers had been breached. The illegal hacks had compromised more than 100 million accounts.
Steam executive Jason Holtman this week had cancelled his trip to the London Games Conference at the last minute.