Steam Hackers "Probably" Got Credit Card Info

lRookiel

Lord of Infinite Grins
Jun 30, 2011
2,821
0
0
I changed my password since then so I don't have to worry, also I use paypal :3
 

Xannidel

New member
Feb 16, 2011
352
0
0
One idea I like is prepaid cards. After the PSN attack I promised to never use my card to purchase games on the PSN and would rather buy their cards. More websites should use this as well. Of course I can't find a bad side to using pre paid cards so I am sure someone can find a flaw in that.
 

jedizero

New member
Feb 26, 2009
221
0
0
Xannidel said:
One idea I like is prepaid cards. After the PSN attack I promised to never use my card to purchase games on the PSN and would rather buy their cards. More websites should use this as well. Of course I can't find a bad side to using pre paid cards so I am sure someone can find a flaw in that.
Pre-paid cards basically take your money and make it fake money that only Sony accepts. Leave it on a credit card, or debit card, and it stays legal tender.
 

Dogstile

New member
Jan 17, 2009
5,093
0
0
Soveru said:
Jodah said:
BDNeon said:
Sony takes less then a week to inform customers of a potential credit card breach. Valve takes 4 months. Yet Sony are the monsters because they took too long, and Valve is innocent. I love internet logic.
Valve reported on it immediately after it happened. They said they recommend changing your info/card. Sony took a week to say ANYTHING the the community at large. That is the difference, and it is a big difference at that.

Basically this:

jedizero said:
The difference between Valve and Sony is that Valve, immediately after finding out about this, alerted everyone, saying that there is a possibility that stuff was stolen. Sony, after finding out about this hack, waited several days, almost a week, before going "Oh by the way you guys, we might have gotten hacked."
"We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked."

From Gabe himself. That was a few days after the hack and as far I can recall, there was nothing about the hacking after that. It is only 4 months later that we learn that credit card details might have been stolen.
But he still said that there was a breach and he did warn people to be careful. Sony didn't even do that. Big difference.

And before you accuse, no, i'm not fond of valve.

Edit: In fact, next time, post everything he said, not just once sentence. Otherwise you're just taking one thing he said out of context and making a big deal out of it.

Then again, maybe I can just recognise it because British tabloids do it all the time.
 

oktalist

New member
Feb 16, 2009
1,603
0
0
This is a really fantastic investigation job from Valve to figure out exactly what was done.

Since they will probably never tell us how the attackers gained access, we can't really judge whether there was any negligence there or if it was something they couldn't have been expected to anticipate.
 

Weaver

Overcaffeinated
Apr 28, 2008
8,977
0
0
1) All they got was a huge as fuck encrypted database that is hashed and salted. It won't be broken.

If, as someone in this thread said, they used AES 256 it would take, assuming 2^56 operations a second 50,955,671,114,250,072,156,962,268,275,658,377,807,020,642,877,435,085 years to break the database. http://en.wikipedia.org/wiki/Brute-force_attack

The standard tricks to reduce this number in AES encryption reduce that by a factor of 4. The world won't exist at that point.

It's the equivalent of robbing a safe full of information, but the thieves can't actually find a way to open the safe. They have it, but it's just sitting in their house.

2) Even if by some miracle they broke the database, if it's from 2008 my credit card has been re-issued and re-numbered since then.