Steam Hacking Update

[Demon_Skeith]

Game company Valve has just sent more information about the hacking attacks against its Steam service.
According to Valve's president Gabe Newell: "It is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords."
Valve says it has no evidence that the information has been "compromised," so, presumably, the encryption is still in place. The company advises Steam users to "watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well."
The full text of Valve's email is under the "Read More" tag.

Dear Steam Users and Steam Forum Users

We continue our investigation of last year's intrusion with the help of outside security experts. In my last note about this, I described how intruders had accessed our Steam database but we found no evidence that the intruders took information from that database. That is still the case.

Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords.

We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised. However as I said in November it's a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well.

We are still investigating and working with law enforcement authorities. Some state laws require a more formal notice of this incident so some of you will get that notice, but we wanted to update everyone with this new information now.

Gabe

source

from 04 to 08, most if not all credit cards would not be in use.

 

[hissae2]

People need to stop hacking

 

[Demon_Skeith]

People need to stop hacking

never happen.

 

[Ikram45]

It was atleast encrypted so in theory it shouldn't be visible!

 

[Demon_Skeith]

if they can get it, they can crack it.

 

[Ikram45]

if they can get it, they can crack it.

Which takes alot of time?

 

[Ghost]

Yes, but there are always ways to crack things. However, I am assuming that with certain passwords at long lengths and random characters, upper + lower case, symbols etc it could potentially take someone's whole entire life if not more to crack it (and that's the time added up that a cracker is running 24/7)