Valve's Steam platform is in danger of turning into a nightmare similar to Sony's PlayStation Network hack earlier this year. Gabe Newell, co-founder of Valve informed users that they've detected hackers have accessed a database with encrypted info. Newell's just not sure if any credit card info was stolen yet.
In what is surely a "Holy sh!t! Noooo!" moment for Valve, the company is in the midst of investigating whether or not the situation is simply bad or really bad.
Writing to Steam users, Newell states:
We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don't have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.
Valve and Newell aren't resetting all Steam members' passwords yet (only forum users will have to change them for now), but we think it's better to be safe than sorry and act fast. We advise Steam customers to start changing those passwords anyway.
Newell might be sorry that Steam's been hacked — and we are too — but if there's any lesson to learn, it's that any platform can be hacked. Nothing's really secure. It's only as protected until it's hacked — and that applies to PSN, Steam, Xbox Live, bank accounts, or any digital data.
We just hope Valve gets to the bottom of the hacks and can tell everybody their credit cards and personal data hasn't been stolen — otherwise it's going to be hell for their PR team.
Via Ars Technica