Steam Hackers "Probably" Got Credit Card Info

[Soveru]

How nice of them to confirm this 3-4 months after the hacking. Even Sony didn't take this long to confirm that card details were stolen.

Now watch the Valve fanboys(95% of the people here) start saying how Valve had already said there was a possibility that card details were stole even though Gabe said "We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked."

Valve>Everyone else obviously

 

[Vrach]

Doesn't bother me either way, I use a specific credit card for online purchases and put money on it only when I'm about to buy something, so apart from the maximum 1-2 day windows for stuff like paying my TOR subscription (which is good for another 6 months anyway), they'd have under 5 euros to steal the rest of the time

 

[Pearwood]

Now this is how you handle a hacker crisis, be completely open about it.

Steam may have some issues, but at least they are open with there communications.

You're serious? I remember them saying their servers were hacked months ago. To put that in perspective the entire PSN thing was sorted in a matter of weeks. This is abysmal customer service and I really expected more. As another post pointed out earlier, thank God for PayPal.

 

[GothmogII]

Hah! I've only ever used temp. credit cards with Steam. Like to see them try to do anything with an expired VISA number

Though, hope no-one gets affected too badly by this.

 

[Signa]

I guess knowing that the data is still encrypted and that it's too old to be of use is enough comfort for me. With Sony I couldn't believe how little anyone did to prevent the wholesale theft of everyone's information.

 

[jedizero]

The difference between Valve and Sony is that Valve, immediately after finding out about this, alerted everyone, saying that there is a possibility that stuff was stolen. Sony, after finding out about this hack, waited several days, almost a week, before going "Oh by the way you guys, we might have gotten hacked."

 

[Redlin5_v1legacy]

I don't have a credit card or any info on my account nor did I have my steam account prior to 2011 so I think I'm in the clear.

 

[BDNeon]

Sony takes less then a week to inform customers of a potential credit card breach. Valve takes 4 months. Yet Sony are the monsters because they took too long, and Valve is innocent. I love internet logic.

 

[Eric the Orange]

Which is why I never save my payment data. Sure it's less convenient but I don't mind.

 

[Jodah]

Sony takes less then a week to inform customers of a potential credit card breach. Valve takes 4 months. Yet Sony are the monsters because they took too long, and Valve is innocent. I love internet logic.

Valve reported on it immediately after it happened. They said they recommend changing your info/card. Sony took a week to say ANYTHING the the community at large. That is the difference, and it is a big difference at that.

Basically this:

The difference between Valve and Sony is that Valve, immediately after finding out about this, alerted everyone, saying that there is a possibility that stuff was stolen. Sony, after finding out about this hack, waited several days, almost a week, before going "Oh by the way you guys, we might have gotten hacked."

 

[lacktheknack]

The credit card I used in 2008 is expired now, nothing to worry about.

 

[isometry]

Eye catching headlines trump accurate information, leaving out the word "encrypted" makes all the difference when it comes to sensationalizing this story. Even then I guess for the typical reader informed by the fantasy world of Hollywood movies, encryption might not seem secure. Of course in reality encryption is the only thing stopping people from driving around town picking up credit card numbers from wireless connections.

 

[Da Orky Man]

Arse. Started using Steam in 2008. But hey, AE256 should work. They may be able to crack it by the time the sun goes supernova.

 

[Soveru]

Sony takes less then a week to inform customers of a potential credit card breach. Valve takes 4 months. Yet Sony are the monsters because they took too long, and Valve is innocent. I love internet logic.

Valve reported on it immediately after it happened. They said they recommend changing your info/card. Sony took a week to say ANYTHING the the community at large. That is the difference, and it is a big difference at that.

Basically this:

The difference between Valve and Sony is that Valve, immediately after finding out about this, alerted everyone, saying that there is a possibility that stuff was stolen. Sony, after finding out about this hack, waited several days, almost a week, before going "Oh by the way you guys, we might have gotten hacked."

"We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked."

From Gabe himself. That was a few days after the hack and as far I can recall, there was nothing about the hacking after that. It is only 4 months later that we learn that credit card details might have been stolen.

 

[Yopaz]

Because they ALREADY said months ago that the hackers most likely got access to the server with the credit card info and stuff.

NOW they're saying that they DID get in, and made off with a backup copy of some transactions made, which included encrypted Card data.

So yeah, we already knew about this possibility, and this is just some extra confirmation.

Not quite. We were appraised of current information that Gabe bragged was uncrackable.

Well, they did get their hands on encrypted data. Or in simple terms data that can't be used without being decrypted. Data that is more or less useless because of how well it is encrypted. On top of that we now know that the encrypted credit card data is also useless because the credit card data is so old that all those cards have probably expired. This isn't really a big deal.

Sony takes less then a week to inform customers of a potential credit card breach. Valve takes 4 months. Yet Sony are the monsters because they took too long, and Valve is innocent. I love internet logic.

Sony worked a lot differently than Valve in this matter. PSN had a blackout and it took days before they they admit that they had been hacked. Then it turned out the magnitude of this was a lot bigger and they had actually compromised credit card data of their customers. A lot of downtime and a lot of stolen credit cards. Best part is that it happened 3 times during 2011 because they didn't want to update their security after being hacked once.
Valve discovered that their forum had been hacked and advised all their customers to change all their passwords within the same day. Then informed us that encrypted credit card data probably had been obtained. Then now 4 months later they are informing us that they got their hands on useless data. That's why people aren't mad at Valve.

 

[Metalrocks]

not to worried about it. i use paypal anyway for any steam purchase i make. but sure is a aggravation if this happens.