Steam Admits User Data Compromised

By Gabrielle Bauman – 

The hackers just might have gotten your information. If you use Steam, that is.

Users of the online computer gaming platform Steam may be familiar with the hacking of the site that occurred in November 2011. To purchase games on Steam, users have to enter in their billing address, credit card information, phone number, email address, and real name among other things.  A security break-in might just equal a stolen identity, and prior to now Valve — the publisher of Steam — wasn’t talking about what data was compromised.

The Steam store frequently features deals on video games and downloadable content,

Until now.

Steam is popular with Penn Manor’s gaming crowd, for its ease of use and networking possibilities. It has a chat interface for user to chat as they game, whether it be Skyrim or Team Fortress 2.

“All the time,” said a Penn Manor student about the frequency that he uses Steam.

“I love it,” said another.

According to Gabe Newell, co-founder of Valve Corporation, released information listing new information that he claims has just come into being. “Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008,” he said in an email send to Steam users.

While he claims that the data was probably not decrypted, Newell urges caution, “As I said in November it’s a good idea to watch your credit card activity and statements,” said Newell.  “And of course keeping Steam Guard [Steam’s security system] on is a good idea as well.”

Police have apprehended 15-year-old hacker TehWongZ, who is taking credit for the hacking and claims that he obtained 32,000 Steam usernames and credit card details. Whether these claims have any substance to them has yet to be determined.

Steam is an incredibly popular tool for PC gamers.

“The data was encrypted, and they’d have to break that encryption [to get at the user data],” said a Penn Manor student.

Inside of this file were user names, email addresses, encrypted billing addresses and encrypted credit card information. Passwords were not included in the document. Newell stated that he was not aware of any compromised accounts, but users should be on high alert just in case.

“It’s a good thing I wasn’t using Steam in 2008,” said one Penn Manor junior.

Many of the large gaming companies offer extensive lists of titles in the Steam catalog. Bethesda has The Elder Scrolls series, Valve has Portal and Team Fortress 2, and Activision has Call of Duty. Because of the ease of use associated with it (no need to order online or run to the store, simply buy and download it on your computer) and that Steam offers frequent sales on popular games, it owns a large share of the videogame market.

It’s no surprise then that Steam was targeted. Anyone with access to the Steam user database would have almost all of the information they would need to steal thousands of identities.

Right now, however, its unclear whether the user data was actually obtained from the backup file as the Valve team suspects. There seems to be much that the users and Valve team don’t know — what information was stolen, who was compromised, and whether or not any data was taken at all. Even if the hacker in question hadn’t obtained any solid or workable information, he or she certainly would be able to claim bragging rights of The One Who Broke Into Steam And Defiled The Forums.

Users should be warned: watch your credit statements, because there’s a chance that your private data may not be private anymore.

More on: 4c3ofsp4des