Update: Steam Store Reveals Private User Information, Gets Shut Down

Strelok

New member
Dec 22, 2012
494
0
0
tf2godz said:
Strelok said:
okay I mis-remembered things my bad but my point still stands. This is unacceptable and I hope they get sued because this.
Let's also not forget that Sony learned absolutely nothing from the 2011 attack and was brought to it's knees again 2014 by Lizard Squad with even more data leaked.

This video explains pretty well what happened to Steam, of particular interest should be the end of the video.

 

runic knight

New member
Mar 26, 2011
1,118
0
0
this is crazy. Valve needs to do more to address this than what they have. Granted it has been, what, a day? Not surprised if they haven't even figured out what all happened in terms of damages, let alone how to properly deal with it (wasn't the Sony hack something that lasted for days and took a while before Sony actually addressed it properly?). I'll give them a couple days to gather themselves and deal with it before I pull out the pitchforks and torches.

Still, between this and the paid mod stuff before, they are quickly flushing their lead in customer goodwill down the drain. Now hopefully this means they get their shit together and start back towards customer positive policies in hopes of winning back that goodwill, but I guess we will see.
 

Something Amyss

Aswyng and Amyss
Dec 3, 2008
24,759
0
0
tf2godz said:
okay I mis-remembered things my bad but my point still stands. This is unacceptable and I hope they get sued because this.
I can't remember Steam's EULA specifically, but in the US there's generally a limited liability for such stuff.
 

Strelok

New member
Dec 22, 2012
494
0
0
runic knight said:
Not surprised if they haven't even figured out what all happened in terms of damages, let alone how to properly deal with it.
You should watch the video, I don't think the damage will amount to much if anything. If you were one of the unlucky who was cached by the server all people could see was the last 4 digits of your credit card and last 4 digits of your phone number. If you tried to buy anything or make any changes the server attempts to re-authenticate and bypasses the cache so all you would see is an authentication error.
 

Elijin

Elite Muppet
Legacy
Feb 15, 2009
2,089
1,078
118
You guys get that this happened for an hour or two over the christmas weekend, right?

Like, you get that whoever is manning the station is almost definitely not someone who is really equipped or authorized to turn around and start talking to the community about this.

As a follow up challenge, any of you with managers in a large corporation, try and contact them during a christmas weekend. See what happens.
 

shirkbot

New member
Apr 15, 2013
433
0
0
Elijin said:
You guys get that this happened for an hour or two over the christmas weekend, right?

Like, you get that whoever is manning the station is almost definitely not someone who is really equipped or authorized to turn around and start talking to the community about this.

As a follow up challenge, any of you with managers in a large corporation, try and contact them during a christmas weekend. See what happens.
Counterpoint: Considering just how difficult it would be to address issues on Christmas Day, why were they tweaking anything at all? Also, how much authority do you really need to tell people you're trying to fix an obvious problem that is being widely reported?

Though I'll grant you that the all-clear should probably come from higher up once they are absolutely sure.

OT: I love how quickly Valve fixes something when it's messing with their income. Now if only they were that attentive to any other facet of Steam... Oh well, hopefully this will move a few people away from Steam so that we can get some actual competition going.
 

Vigormortis

New member
Nov 21, 2007
4,531
0
0
Strelok said:
You should watch the video, I don't think the damage will amount to much if anything. If you were one of the unlucky who was cached by the server all people could see was the last 4 digits of your credit card and last 4 digits of your phone number. If you tried to buy anything or make any changes the server attempts to re-authenticate and bypasses the cache so all you would see is an authentication error.
More over, I've yet to hear of even a single confirmed report of anyone having their accounts compromised, bank accounts drained, or any other such thing.

Oh sure, there've been loads of unconfirmed complaints about "someone bought a bunch of games with my account!" and "someone stole my Steam account because of this!", but not a one that I've seen has turned out to be true. The person either lied or grossly exaggerated what had happened.[footnote]I saw someone claiming he had his library of games stolen, but in reality all that had occurred was that his store page kept loading with Russian as the default language.[/footnote]

If someone has evidence for a substantiated claim, I'd love to see it. I'd also be curious how it happened, given the nature of the issue that occurred. Otherwise, what we have here is a coding error that lead to a very serious problem, but not one even remotely as bad as people are trying to make it out to be.
 

Strazdas

Robots will replace your job
May 28, 2011
8,407
0
0
tf2godz said:
you know at least when Sony fucked up the attack was out of their control, at least they had the balls to admit they fucked up and gave us free stuff in return. What did Valve do after they almost Fucked over the lives of most of their consumer. they stuck their fingers into their ears and went lalallalalalalalalalalal. This truly pisses me off that they didn't have the balls to help their uses and admit they messed up. they could've accidentally shown everyone passwords and credit card information due to their own incompetence and they're just going to pretend it never happened.
1. Sony apologized and gave free stuff over two weeks after the problem. So if Valve is going to do the same they are still very much on time. Also Sonys fuck up was multitude of times worse.

2. Valve has not fucked over the lives of their customers. Unlike in sonys case, there was no database leak.

3. It is absolutely impossible for this issue to result in ever showing your password to anyone and in worst case scenario they will know the last 4 digits of your credit card and your email address. information that, alone, is not enough to do anything.

krystalphoenix said:
I wondered why, when logging in yesterday, that all my card details had gone. My credit card company is very good and e-mails me within 6 hours of a purchase being made with an option of "this purchase was not made by me". So I know nothing was bought. Alarming not to have had an notice of said actions about removal of details though.
The problem that happened would not result in anyone being able to use your credit card. They would at best know 4 last digits of your card number, which is not enough anywhere.

Something Amyss said:
And Valve fans swore up and down that Valve would never, ever, ever do something like that and they would totally tell us if our security might be compromised. I doubted it then, and it seems there was some reality to that.
and Valve never did. This caching issue was nowhere near even close to the best case scenario in Sonys case.

Something Amyss said:
I can't remember Steam's EULA specifically, but in the US there's generally a limited liability for such stuff.
there could probably be a case for email accounts being visible without consent, but thats about it.
 

direkiller

New member
Dec 4, 2008
1,655
0
0
tf2godz said:
This is unacceptable and I hope they get sued because this.
For what exactly?
every person involved has zero provable damages from the result of this.
at best you could sue for card replacement fees done out of a preventive measure, but that's less then $30 if not free for some card holders, so it would not be worth it.