Security Alert blog at PCWorld.com.
If you're a gamer who plays titles that use the Steam platform from Valve, you may want to keep a close eye on your personal data.
On Sunday November 6, Steam servers got hacked, and the hackers gained access to the user database. Initially the attack appeared to be against the Steam forums, but Valve later discovered the attack had run deeper than the online community. Details are still a little thin on the ground, but on Thursday Valve, the company behind Steam, posted the following message to its forums:
"We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don't have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.
While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well."
The compromise comes at a pretty bad time for PC gamers due to the imminent release of Skyrim: The Elder Scrolls V, which is supposed to be ready for download at midnight Friday morning.
Valve suggests that you change your Steam password and keep a close eye on your credit card and bank statements. See our previous story on what to do if you're a victim of a data breach for more steps you can take to protect your personal information.
Now would also be a good time to look at using Steam Guard. Steam Guard is available to all account holders, and prevents others from accessing Steam from an unknown computer unless you enter a code, which is delivered to your email.
Also, you should make sure your email address is verified with Steam in order to set up security features like secure questions.
Friday, November 11, 2011
Steam gets hacked: Here's how to keep safe | Macworld