Jump to content

Steam Forums HACKED


Lancer
 Share

Recommended Posts

Steam Forums Apparently Hacked

xlarge_6afc04ecfc73a70e0993b614e5d91342.jpg

Last night, the forums for Valve's Steam service were apparently hacked. Redirects for a hacking website, Fkn0wned.com, appeared on the Steam Users' Forums, offering "hacking tutorials and tools, porn, free giveaways and much more."

It's not clear who hacked the forums, but Fkn0wned.com is denying responsibility, writing this on its own site: "Fkn0wned Forum is currently unavailable In lights of someone crediting us for the recent breaches of steam forums, the board is offline. Fkn0wned is not responsible."

Some users reported getting email spam apparently from Fkn0wned.com after the hack, and the forums are, at the time of posting, offline.

The Steam User's Forums and the Steam service account passwords are separate, but some users might use the same handles and passwords across both. If that pertains to you, it might be a good idea to change your Steam account password. And pronto.

Dá impressão de que foi apenas minor defacing dos forums. Nada de user info leaks tanto quanto se sabe até agora.

Link to comment
Share on other sites

Here’s the official statement:

Dear Steam Users and Steam Forum Users:

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

We will reopen the forums as soon as we can.

I am truly sorry this happened, and I apologize for the inconvenience.

Gabe.

Por segurança vou mas é modificar o meu numero de cartao credito

Link to comment
Share on other sites

Hack: Steam Database Compromised

steam.jpg

We’ve just had a note from Gabe Newell saying: “Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.”

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

It might be a good idea to change your Steam password, clearly. Full text below.

The following is being IM’d to the Steam user base.

———————-

Dear Steam Users and Steam Forum Users,

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

We will reopen the forums as soon as we can.

I am truly sorry this happened, and I apologize for the inconvenience.

Gabe.

confirma-se o pior

Link to comment
Share on other sites

Ao menos o Steam tem outros mecanismos de defesa os danos podiam ter sido equivalentes aos do hack à PSN. A minha menor preocupação neste momento é a conta de Steam já que eles tem o Steam Guard para além do mecanismo normal (apesar disso troquei a minha pass pelo sim pelo não).

Mas continua a ser muito mau. Não percebo é como é que continuam a guardar dados pessoais não encriptados numa unica base de dados sabendo o que aconteceu à PSN e a outros.

Por muito que eles digam o contrário, o billing address contem dados pessoais (nome, morada, contacto fazem parte do billing address).

PunK_BoY chamado ao serviço! 14.gif

Existe algum procedimento jurídico que se deva seguir neste tipo de situação? Alguma coisa que se possa fazer? A Valve falhou, não devíamos ser compensados?

Link to comment
Share on other sites

eu tb nao tenho lá cartões de credito. das primeiras vezes ainda usei mbnet, mas depois passei a usar só paypal

quanto ao fantástico forum nunca consegui verificar a minha conta, mesmo depois de andar à turra com o suporte, simplesmente nao recebo os mails de verificação

Edited by roubagalinhas
Link to comment
Share on other sites

unledac.jpg

Obrigado, mas a questão era como chegar aí. :P

Lá dei umas voltas e descobri.

Settings -> Conta -> Historial de Conta ou lá o que é.

Entretanto já fechei o Steam e não me apetece voltar a abrir, mas fica a informação para quem quiser. :y: Obrigado, royal.

Link to comment
Share on other sites

  • 2 months later...

10 February 2012

Dear Steam Users and Steam Forum Users:

We continue our investigation of last year’s intrusion with the help of outside security experts. In my last note about this, I described how intruders had accessed our Steam database but we found no evidence that the intruders took information from that database. That is still the case.

Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords.

We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised. However as I said in November it’s a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well.

We are still investigating and working with law enforcement authorities. Some state laws require a more formal notice of this incident so some of you will get that notice, but we wanted to update everyone with this new information now.

Gabe

encrypted billing addresses and encrypted credit card information

Pronto estão desculpados.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.