Steam compromised by hackers
Valve Software, the company behind the Steam game distribution platform, has confirmed that hackers gained access to some of its customer database. In a post on the Steam Users' Forums, Valve co-founder and managing director Gabe Newell says that, on Sunday, 6 November, unknown intruders gained access to the forum servers. Some users were also reportedly pointed to a warez site called Fkn0wned; however, the operators of this site have denied any involvement.
Newell said that after Valve's servers were switched off, an investigation revealed that the attackers had access to the forum data as well as a Steam database containing user names, password hashes and salts, game purchases, billing addresses and encrypted credit card information. However, the executive added that there is currently no evidence that this data was actually taken or cracked by the intruders. "We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely," said Newell, adding that they currently only know of "a few forum accounts" that have been compromised.
Newell didn't stipulate how many of the approximately 35 million active Steam accounts have been affected by the intrusion. Because of the incident, all forum users will be asked to provide a new password when they next log in. Newell does note that forum logins are separate from Steam account logins, and, although Steam customers won't be forced to enter a new password, Newell said that it "wouldn't be a bad idea" to change that password as well, especially if it is identical to their forum password. The company plans to reopen the forums as soon as possible.