11 Nov, 2011
A few days ago, when Steam’s forums were defaced, it apparently wasn’t just the forums that were compromised. According to a notice from Valve head-honcho Gabe Newell, the hackers also had access to a database storing billing information and encrypted credit card information.
Since Valve stores the credit card information encrypted with AES256, it should be ridiculously difficult to decrypt. Valve is keeping an eye on any other credit card breaches, and doesn’t believe that the hackers actually downloaded any personal info or credit card info. However, it would be prudent for Steam users to keep an eye on their bank statements.
Apparently, the hackers also had access to encrypted and salted password hashes. These are probably also difficult to decrypt, but not that difficult to brute force. So, it’s probably a good idea to change your Steam password as well as any other accounts that might use that same email and password.
Recent Comments