After much murmuring on the social networks the past few days about a suspected hacking of the Steam online gaming service, 4 days later creator Valve has confessed that yes – the digital store and multiplayer network have been ‘defaced’ and that the with over 30 million registered user accounts through the Steam forums have been compromised.
Steam offers cloud-based storage, meaning games purchased affect very little of a PC gamers memory and the service currently digitally distributes over 1400 titles from publishers such as Activision, Rockstar Studios and Electronic Arts.
The statement from CEO of Valve Gabe Newell reads:
“We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.
While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.
We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.”
Back in March, Valve began employing an email verification system so that if a user attempted to access their Steam account from another computer they would be prompted to reply to an email, so there is some chance that accounts can be saved by a simple password change. However, with gaming networks so deeply interconnected with forums, digital stores and online services, many players using the same password for all, it makes it very appealing for those who might wish to challenge security measures and make gamers feel unsafe using the online services.