Gabe Newell Says Steam Hack Is Worse Than Expected
- Thread starter Andy Chalk
- Start date
I've never bought a Steam game with my credit card and with Steam Guard they won't even be able to do anything with my password, if they have it. So, I'm not really worried but I'm still going to change my password.
*old man's voice*
Back in my day, people wouldn't steal credit card information. If they wanted money, they'd simply go and rob a bank.
*old man's voice*
Back in my day, people wouldn't steal credit card information. If they wanted money, they'd simply go and rob a bank.
Steam Guard
Use Paypal
Dont save paypal info
Live in the EU, so you can have fun with my billing address, we have laws to protect me from you using that info to take my money xD.
Steam Guard
Use diff passwords
Steam Guard
I dont wanna hear more complaints that Steam is bad again, the fact that it can get hacked and i STILL dont get worried, tells wonders about how good it is.
Use Paypal
Dont save paypal info
Live in the EU, so you can have fun with my billing address, we have laws to protect me from you using that info to take my money xD.
Steam Guard
Use diff passwords
Steam Guard
I dont wanna hear more complaints that Steam is bad again, the fact that it can get hacked and i STILL dont get worried, tells wonders about how good it is.
On its own, not a huge deal.
Since it's hashed and salted, depending on the algorithm used, it's probably not a huge deal. Still better to change your password, to be on the safe side.
BFD
I take it the addresses aren't encrypted? This could pose a security issue, if they can also get the card info. However, depending on how well the card info is encrypted it may not be a huge deal.
It's reassuring that we probably don't have to worry, and even more reassuring that Valve is continuing to investigate anyway.
All in all, I don't think this is much cause for concern, and I think Valve is handling it exactly as they should. Sony, take note!
P.S. Thanks
I had the same issue I just had to try again in 30 min. Many people are changing passwords today me thinks.Wicky_42 said:... I can't seem to change my passwordThey "can't process my request". Well, that's annoying...
I am annoyed that it happened but glad I was told about it rather than them saying oh no worries I am sure you are all fine, no need to tell you.
i'm sure if you can prove to valve that the hack has created a new person, they'll happily give you a free copy of portal 2. in the meantime, those of us affected won't hold our collective breath.Gennadios said:
this sucks, but i hope this news is the most it sucks. it'd be nice to not have to cancel my card, since my bank is made of jerks.
I'm glad I use temporary e-cards from my bank when I buy steam games, they can't misuse a card that doesn't exist. ^^
I don't really feel the need to change my password though. You can't log in from a new computer without a code they send to your email, and I have a completely different password for that... Plus I'm just too bloody lazy.
I don't really feel the need to change my password though. You can't log in from a new computer without a code they send to your email, and I have a completely different password for that... Plus I'm just too bloody lazy.
Why rob the friendly neighborhood bank? Because of money.TitanAtlas said:
OT: Oh, yay. I'm not worried, I've found out hard way that Steam Guard works fantastically.
Yeah, kudos to Steam for not getting their panties in a twist and releasing what seems to be a pretty comprehensive explanation of the situation. It's a shame that it's happened to them, but given that the data was encrypted people should have plenty of time to change details they may feel have been compromised, rather than finding out weeks after the event the extent of the problem. Or at least, I hope that's how it works, lol2fish said:I had the same issue I just had to try again in 30 min. Many people are changing passwords today me thinks.Wicky_42 said:... I can't seem to change my password
I am annoyed that it happened but glad I was told about it rather than them saying oh no worries I am sure you are all fine, no need to tell you.
This is how companies shhould react when faced with hackings. They explained the faxcts clearly, consisely and honestly, then apologised and offered advice.
Steamguard should protect account HAAAX, and HOPEFULLY gaben keeps our credit card information where he keeps his food.
You are right. It can take weeks (Per account, possibly) to break the encryption user accounts were under.Wicky_42 said:Yeah, kudos to Steam for not getting their panties in a twist and releasing what seems to be a pretty comprehensive explanation of the situation. It's a shame that it's happened to them, but given that the data was encrypted people should have plenty of time to change details they may feel have been compromised, rather than finding out weeks after the event the extent of the problem. Or at least, I hope that's how it works, lol2fish said:I had the same issue I just had to try again in 30 min. Many people are changing passwords today me thinks.Wicky_42 said:... I can't seem to change my password
I am annoyed that it happened but glad I was told about it rather than them saying oh no worries I am sure you are all fine, no need to tell you.
Realistically they should have shown already. Given that Steam is hashed and salted, and Steamguarded, the hackers will have to take control of the accounts before the passwords are changed.mateushac said:
Unless they're trying to trojan Steam itself...in which case it's a battle between Steam/Hackers, which is unlikely to affect us at all.
Even if they've got right into Steam, the chance of them hacking anyone has to be a million to 1, yet still they come.
Getting into Steam, reasonably easy: for them. Getting out with anything? That's tough. Going back in with that information? Near impossible.
The risk is still there of course, but you know how many people use Steam. And not one has screamed "I'VE BEEN HAXXORD!"? That's a damn solid system.
Question. Steam always makes me enter a code everytime I try and login from a different computer - heck, even a different browser from the same computer. So if someone did manage to get hold of my password, I'd know about it because I'd get an email saying "you have tried to log in from a new location" and they wouldn't be able to get in unless they had also hacked my email, right?
Even if this is the case, it's really good to see Newell coming out early to address the issue. Pay attention, Sony.
Even if this is the case, it's really good to see Newell coming out early to address the issue. Pay attention, Sony.
Your avatar will haunt my dreams tonight, I hope you're happy with yourself.Ldude893 said:
OT: Go Gabe Newell for telling us, et cetera.
If this hack happened on Sunday, why did it take so long for them to get notification out?
Granted, it isn't nearly as bad as Sony's example earlier in the year...but shouldn't we have been informed earlier? Am I wrong in thinking that mass notification within 24 hours of the incident is realistic?
Granted, it isn't nearly as bad as Sony's example earlier in the year...but shouldn't we have been informed earlier? Am I wrong in thinking that mass notification within 24 hours of the incident is realistic?