Update: Steam Store Reveals Private User Information, Gets Shut Down

[Steven Bogos]

Update: Steam Store Reveals Private User Information, Gets Shut Down

//cdn.themis-media.com/media/global/images/library/deriv/891/891273.jpg
Multiple reports are coming on concerning a serious error with the Steam Store that reveals the private information of other users.

Update: Valve has given the all clear. "Steam is back up and running without any known issues," a Valve spokesperson told GameSpot [http://www.gamespot.com/articles/steam-issue-allowing-access-to-other-users-account/1100-6433371/]. "As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users."

Even though Valve "believes" that no unauthorized actions were performed, we did hear unconfirmed reports that entire credit card numbers were able to be accessed due to the glitch. As such, it may still be in your best interest to remove any stored credit card information from your account, and keep an eye on your credit card activity.

Original Story: It looks like this year's Christmas Grinch is none other than beloved PC gaming platform Steam. Multiple reports are coming in from Steam DB [https://www.reddit.com/r/Games/comments/3y7maa/something_is_really_wrong_with_steam_be_careful/] is speculating that a caching error is effectively logging users in to accounts that don't belong to them. Scary.

As an emergency measure, the Steam store has been completely taken offline [http://store.steampowered.com/] to prevent any fraudulent purchases from happening, understandable considering that some unconfirmed reports are claiming that the full credit card information of users with stored credit card information is being made available to random users.

The official Steam Support Twitter [https://twitter.com/steam_support] has been silent on the whole matter. For now, we would recommend not using the Steam Store, even if it comes back up, removing any stored credit card information from your account, and keeping a close eye on your credit card account to make sure no suspicious purchases have occurred.

We have reached out to Valve for more information, and will endeavor to update this post if we learn anything more.

Source: reddit [https://www.reddit.com/r/Games/comments/3y7maa/something_is_really_wrong_with_steam_be_careful/]

Permalink

 

[Phoenix1213]

Yeah I saw this on the mobile app. I was trying to log in to my account on a new computer but couldn't quite remember my username, so I clicked "store account" on the mobile app and it kept coming up with the store information for these two random users. I was a bit worried these guys had hacked my account and tied their accounts to mine...

By the time I looked up my account name on my main computer and tried logging in the store was already down.... Does this effect steam as a whole?
Because it couldn't even connect to the server to log me in.

 

[ShakerSilver]

There's been lots of reports of people having their Steam wallets and PayPal accounts tied with Steam emptied out - this is on top of simply being able to see their email and other personal info. Pretty serious shit going down.

These sorts of incidents are the reason why you never save credit info online and/or just use prepaid credit cards and gift cards for online purchases.

 

[synobal]

No big deal just a caching issue.

 

[Bad Jim]

We have another thread on this
http://www.escapistmagazine.com/forums/read/9.931966-Steam-acting-weird-for-anyone

 

[Adam Jensen_v1legacy]

Yeah I saw it. I wasn't even logged in. I just went to Steam website and suddenly it was in German and some games had that "on your wishlist" on them. It was bizarre.

 

[omega 616]

I was online, had some stupid clicker game running (it's got it's claws in me damnit!) while watching TV, decided to look for a game to tide me over till xcom 2 and suddenly my language is Russian, refresh, German, refresh, Spanish, refresh, never seen this language before, refresh, Russian, restarted the computer, reinstalled steam, all the same problems.

Just deleted everything and hope I get everything back in tact. My debit card is tied to it though.

 

[09philj]

I always just use prepaid cards on storefronts where possible. It's a bit of a hassle having to go to Game every time I want a top up, but it's better than having my account information nicked.

 

[Areloch]

Steam only displays the last digits of the phone and any credit card info, so it's unlikely that anyone's data is directly compromised.

I believe the worst is the account name and the address data could be seen, but that doesn't directly compromise people's billing info(though still not a good thing).

 

[Barbas]

(Snip).

The issue may now be resolved:

https://twitter.com/SteamDB

 

[Lightspeaker]

"removing any stored credit card information from your account"

https://twitter.com/GuerrillaDawg/status/680500791262720000

More sites that can't fact check and absolutely have to get a story up immediately regardless of accuracy.

It's a caching issue if you delete it or use it that's what's being shown, that's the entire issue. DON'T MIS-INFORM YOUR READERS WITH THIS CRAP

I have to agree with this. Most of what I've read suggests that evidence is pointing to it being a cache issue which, if that is the case, means its very irresponsible to recommend people do that.

The only truly safe thing you can do if you're genuinely worried enough is to cancel any cards attached to your steam account. If you don't do that then make sure to monitor your account.

 

[Dr.Awkward]

Had it happen to me as well right after redeeming my gift card with the mobile app. Had me concerned a bit, but after logging in with my computer the money was there, fortunately.

 

[Erttheking]

Thankfully it seems to be over now. My account seems to have stabilized. I checked my bank account and no funds have been taken out with the exception of a couple of games I bought AFTER my account stabilized. So thankfully I seem to be in the clear.

I still deleted my stored card information. Honestly I had been meaning to do that for awhile now.

 

[vallorn]

We have an official ALL CLEAR statement from Valve themselves now.
http://www.gamespot.com/articles/steam-issue-allowing-access-to-other-users-account/1100-6433371/

 

[MASTACHIEFPWN]

Ah, I knew there was a reason I never tick the "Save payment information" box.

 

[Fulbert]

What a bizarrely fortunate time to have accidentally had my debit card blocked. And I thought I was unlucky.

 

[Aeshi]

It's at times like this I'm thankful I've never saved my Payment info when making a purchase.

 

[martyrdrebel27]

I was online, had some stupid clicker game running (it's got it's claws in me damnit!) while watching TV, decided to look for a game to tide me over till xcom 2 and suddenly my language is Russian, refresh, German, refresh, Spanish, refresh, never seen this language before, refresh, Russian, restarted the computer, reinstalled steam, all the same problems.

Just deleted everything and hope I get everything back in tact. My debit card is tied to it though.

I know how you feel, I have an embarrassing amount of hours logged on my steam account for Adventure Capitalist.

 

[JLF]

Hope they aren't just building a backdoor for ease of access.
They already have an immense amount of customer support requests now with also governmental requests on top of that. So I would not be surprised that they would try to automate the access for those requests.