The problem was the web cache wasn't clearing properly, so the details of the previous transaction was appearing. Its not grand conspiracy theory, just someone forgot to change the cache away from the engine default in an update.JLF said:
Update: Steam Store Reveals Private User Information, Gets Shut Down
- Thread starter Steven Bogos
- Start date
That good if it was just human error. Even though one would hope errors like that should not be even possible.albino boo said:
And what comes to conspiracy theories the fact is that companies based in the US have an obligation to assist with all information requests which will increase workloads for companies. Especially Valve who has never been known to have a working customer support to date and also has an incredible amount of customers.
HA, my paranoia paid off finally
Have 2 bank accounts- primary and secondary
Secondary is dedicated to internet payments and is usually empty
Whenever I need to purchase something via internet, I transfer money from primary to secondary
Works like a charm.
Have 2 bank accounts- primary and secondary
Secondary is dedicated to internet payments and is usually empty
Whenever I need to purchase something via internet, I transfer money from primary to secondary
Works like a charm.
There's more that you can see than that though.Areloch said:
Home Address (well, technically billing address). Full name. You get the last 4 of the phone number so you can easily narrow somethin down between that and the area code from the billing address. Email address.
Considerin a lot of people do the things that everyone tells you is a nono (use the same email address for everythin, use easily guessable passwords, using the same password for everythin), any number of things could have been horribly compromised with that.
Lets not downplay this. This was a major fuckup that showed peoples personal information for no reason. What possible reason would Steam need to cache someones account details in such a way?
Not only that, but there was straight radio silence the entire time it was happening. The only reason people even knew what to do was a completely unaffiliated group told everyone what to do, even calling Valve out by saying they shouldn't be the ones having to do this but Valve was completely failing to do anything so they had to step up.
Fact checking? In a StevenSiesta45 said:
Surely you jest. Is this opposite day or something?
. . . . . . . . . . . . . . . . .
In all seriousness, the article is just grossly irresponsible. It suggests doing the very thing that could put your account in danger. And this isn't the first time Bogos has submitted an article like this.
How this guy is still published here is absolutely beyond me. It truly boggles the mind.
I have never liked steam and I hope that this at least opens a few eyes into everything wrong about the current system.
This was a tiny error, but constituted a huge privacy invasion. and not a word from steam about it.
What if the next time you can't access your bought games... or update them, install them, even play them?
I thought this would generate a great deal more of a reaction frankly.
Then again, "don't bite the hand that feeds you"... .. .right?
This was a tiny error, but constituted a huge privacy invasion. and not a word from steam about it.
What if the next time you can't access your bought games... or update them, install them, even play them?
I thought this would generate a great deal more of a reaction frankly.
Then again, "don't bite the hand that feeds you"... .. .right?
Agreed. Some rudimentary fact-checking before recommending "security measures" would be greatly appreciated.Vigormortis said:
Considering Steam just forced me to get a Phone App meant to protect my account from being hacked, delaying my ability to purchase items from/trade them on TF2, I find it odd that Steam seems to have screwed up somewhere and an issue like this happened. Luckily for me, I purchased no game on Christmas (I did get the first episode of King's Quest when the sale started), and I didn't have a Credit Card signed up to my account.
I guess I'll just have to wait until Tomorrow or Monday to get Undertale...
I guess I'll just have to wait until Tomorrow or Monday to get Undertale...
I'm assuming I'm safe for now due to no email of any purchasing being made nor was there any recent transaction on my bank account (in saying so it usualy take a day or so to show up online). In saying so I had delete my card info on steam to be on the safe now (I suppose it was a good thing I didn't buy any of the sales at the moment).
In saying so ain't some of us are still safe due to the security card numbers (the final safe guard) cos that one is NEVER store on any card info or has this leaked reveal it when you made a recent purchase?
In saying so ain't some of us are still safe due to the security card numbers (the final safe guard) cos that one is NEVER store on any card info or has this leaked reveal it when you made a recent purchase?
lol jeesh, by pure coincidence I brought my tower back to my parents house with me for christmas (bought a new mobo/cpu, was gonna install it and give my parents rig the old parts) and have been out of the nerd world for a couple of days, what luck to find out I missed on out on this debacle. Hopefully steam gets some solid backlash for this
Soooo, are they going to send out an email or anything? This is some seriously unprofessional shit. They accidentally spill confidential information about their users and they're not even going to inform them?
What the fuck happened to Valve?
What the fuck happened to Valve?
I dislike the way the story basically says "even though we can't confirm anything happened, you should probably remove credit card information."
And the way that it was cautioning people to do this even when other people were suggesting that it would put them at risk.
I'm not sure they ever changed. It's just that the blind faith people had in them has slowly been eroded. Valve's always been a shitty, anti-consumer company with policies that screwed us even as their face smiled and told us how valued we were. This just strikes me as a more obvious version of the same.
And the way that it was cautioning people to do this even when other people were suggesting that it would put them at risk.
I don't know, but I remember the days of that Sony shutdown, and everyone swearing up and down that Valve would never ever do this....Fappy said:
I'm not sure they ever changed. It's just that the blind faith people had in them has slowly been eroded. Valve's always been a shitty, anti-consumer company with policies that screwed us even as their face smiled and told us how valued we were. This just strikes me as a more obvious version of the same.
and these were the guys asking me to send them a scanned copy of my passport.... Yeah to hell with that idea.
Because it's how HTTP works.shintakie10 said:
It needs to take in inputs from you and/or it's storage server before building the page to send to you. It builds the page in a cache.
Normally it's declared not usable and promptly removed from the cache. For whatever reason it was not removing it or was very slow to remove it, so when the server tried to use that same cache memory it sent out the old data.
Couple of things to keep in mind.
1. This would effect you regardless of if you store information on there site.
2. This only effected users that were on shortly before and during the problems.
3. Trying to remove information during this type of problem can only increase your chances of people seeing your information. because you are creating more pages with your information in the cache.
you know at least when Sony fucked up the attack was out of their control, at least they had the balls to admit they fucked up and gave us free stuff in return. What did Valve do after they almost Fucked over the lives of most of their consumer. they stuck their fingers into their ears and went lalallalalalalalalalalal. This truly pisses me off that they didn't have the balls to help their uses and admit they messed up. they could've accidentally shown everyone passwords and credit card information due to their own incompetence and they're just going to pretend it never happened.Something Amyss said:
I wondered why, when logging in yesterday, that all my card details had gone. My credit card company is very good and e-mails me within 6 hours of a purchase being made with an option of "this purchase was not made by me". So I know nothing was bought. Alarming not to have had an notice of said actions about removal of details though.
Are you being serious? The Sony attack started April 17th to the 19th, Sony shut down PSN the 20th, then didn't even admit that 77 million PSN accounts, complete credit card info, address, full name, etc. had been released into the wild by lulsec until May 4th. Sony had to report to the US House of Representatives for such a massive personal information breach and to explain the delay in reporting the personal information breach to customers. Also no passwords were shown in this problem Valve had, also no credit card info beyond the last four digits. Sony released all your info into the wild, their response? Sorry for the delay and huge outage, here's a few cheap games limit of two per platform. I think I played one of them.tf2godz said:
That was the complaint, actually: Sony initially hid it, and then tried to downplay it. They gave us free stuff as a "make it go away" sort of deal.tf2godz said:
And Valve fans swore up and down that Valve would never, ever, ever do something like that and they would totally tell us if our security might be compromised. I doubted it then, and it seems there was some reality to that.