Page 1 of 2 12 LastLast
Results 1 to 16 of 28

Thread: News - Steam accounts hacked, Valve responds

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,060 times in 719 posts

    News - Steam accounts hacked, Valve responds

    User information stolen in Steam security breach.
    Read more.

  2. #2
    mush-mushroom b0redom's Avatar
    Join Date
    Oct 2005
    Location
    Middlesex
    Posts
    3,438
    Thanks
    174
    Thanked
    362 times in 279 posts
    • b0redom's system
      • Motherboard:
      • Some iMac thingy
      • CPU:
      • 3.4Ghz Quad Core i7
      • Memory:
      • 24GB
      • Storage:
      • 3TB Fusion Drive
      • Graphics card(s):
      • nViidia GTX 680MX
      • PSU:
      • Some iMac thingy
      • Case:
      • Late 2012 pointlessly thin iMac enclosure
      • Operating System:
      • OSX 10.8 / Win 7 Pro
      • Monitor(s):
      • Dell 2713H
      • Internet:
      • Be+

    Re: News - Steam accounts hacked, Valve responds

    Makes you wonder why people who are making bucket loads of cash from Internet based services aren't employing people who know how to architect a secure solution. It's like a bank storing all it's cash in hessian bags in the reception.

  3. #3
    Admin (Ret'd)
    Join Date
    Jul 2003
    Posts
    18,481
    Thanks
    1,016
    Thanked
    3,208 times in 2,281 posts

    Re: News - Steam accounts hacked, Valve responds

    See also Oids's thread

    Quote Originally Posted by b0redom View Post
    Makes you wonder why people who are making bucket loads of cash from Internet based services aren't employing people who know how to architect a secure solution. It's like a bank storing all it's cash in hessian bags in the reception.
    And then inviting the whole neighbourhood in for an open-house cheese and wine party.

  4. #4
    Senior Member Brewster0101's Avatar
    Join Date
    Dec 2007
    Location
    UK
    Posts
    2,614
    Thanks
    45
    Thanked
    54 times in 44 posts
    • Brewster0101's system
      • Motherboard:
      • Asus m5a99x evo
      • CPU:
      • AMD FX 8350
      • Memory:
      • 8GB (2x4) Corsair Vengence DDR3 1600mghz
      • Storage:
      • Western Green 3TB + Samsung 850Evo 512MB SSD, + 2TB NAS
      • Graphics card(s):
      • MSI 280X
      • PSU:
      • Corsair AXi760
      • Case:
      • Corsair 650D
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • LG 27" 27EA63 IPS LED
      • Internet:
      • 120Mb Bt

    Re: News - Steam accounts hacked, Valve responds

    I can't log in, can't get past the stupid human checker pattern crap thingy.

    FFS , getting well pissed off with all these hacker attacks. Now got to go and check everything and keep an eye out for odd account activity.

    Passwords needs to be a thing of the past. Every site should have a one random security question instead.
    Ie birth town, first child names, hair colour etc etc
    All random questions that are easy to remember.

  5. #5
    Technojunkie
    Join Date
    May 2004
    Location
    Up North
    Posts
    2,580
    Thanks
    239
    Thanked
    213 times in 138 posts

    Re: News - Steam accounts hacked, Valve responds

    Quote Originally Posted by Brewster0101 View Post
    Passwords needs to be a thing of the past. Every site should have a one random security question instead.
    Ie birth town, first child names, hair colour etc etc
    All random questions that are easy to remember.
    ..and very easy to crack - all with single word dictionary answers ?!
    Chrome & Firefox addons for BBC News
    Follow me @twitter

  6. #6
    Ninja Noxvayl's Avatar
    Join Date
    May 2007
    Location
    In the shadows
    Posts
    2,451
    Thanks
    748
    Thanked
    215 times in 173 posts
    • Noxvayl's system
      • Motherboard:
      • GigabyteZ87X-UD4H-CF
      • CPU:
      • Intel i7 4770K
      • Memory:
      • 16GB Corsair Vengaence LPX + 8GB Kingston HyperX Beast
      • Storage:
      • 120GB Snadisk + 256GB Crucial SSDs
      • Graphics card(s):
      • 4GB Sapphire R9 380
      • PSU:
      • ENermax Platimax 750W
      • Case:
      • Fractal Design Define S
      • Operating System:
      • Windows 10 64bit
      • Monitor(s):
      • ATMT + Dell 1024x1280
      • Internet:
      • Sky Fibre

    Re: News - Steam accounts hacked, Valve responds

    Valves game client Steam has not been touched... it was their forums and database that got hacked, big difference. In any case I'll go randomly generate some new Steam passwords.

    I don't have a forum account, only a support one which I think is separate again. I tend to use Paypal for steam payments although I wonder how my account details are stored on there... I'll check that this weekend to be safe. In any case my credit card is limited and my debit card only ever has just enough in it for my monthly bills, never more, just-in-case someone gets my details they can't do significant damage to my finance.

  7. #7
    Senior Member Brewster0101's Avatar
    Join Date
    Dec 2007
    Location
    UK
    Posts
    2,614
    Thanks
    45
    Thanked
    54 times in 44 posts
    • Brewster0101's system
      • Motherboard:
      • Asus m5a99x evo
      • CPU:
      • AMD FX 8350
      • Memory:
      • 8GB (2x4) Corsair Vengence DDR3 1600mghz
      • Storage:
      • Western Green 3TB + Samsung 850Evo 512MB SSD, + 2TB NAS
      • Graphics card(s):
      • MSI 280X
      • PSU:
      • Corsair AXi760
      • Case:
      • Corsair 650D
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • LG 27" 27EA63 IPS LED
      • Internet:
      • 120Mb Bt

    Re: News - Steam accounts hacked, Valve responds

    Quote Originally Posted by mikerr View Post
    ..and very easy to crack - all with single word dictionary answers ?!
    Not if its done correctly.

    My online banking asks for my user name, password then three random characters from 6 pre answered questions. I'm very happy with that. If someone is willing to get all the information to hack that , then they are welcome to the £5 in my account!

    Problem is everywhere online wants you to sign up with a user name and password. Most people will use the same user name and password over and over again. Then something like this happens and then you back to back track and change everything. Hopefully if you have any sense , anything related to money has different credentials , but I bet some people out there keep those details the same too.

    I think the optional security Facebook has with it notifying you if someone logs onto your account from a different IP address is a good feature.

  8. #8
    Senior Member Brewster0101's Avatar
    Join Date
    Dec 2007
    Location
    UK
    Posts
    2,614
    Thanks
    45
    Thanked
    54 times in 44 posts
    • Brewster0101's system
      • Motherboard:
      • Asus m5a99x evo
      • CPU:
      • AMD FX 8350
      • Memory:
      • 8GB (2x4) Corsair Vengence DDR3 1600mghz
      • Storage:
      • Western Green 3TB + Samsung 850Evo 512MB SSD, + 2TB NAS
      • Graphics card(s):
      • MSI 280X
      • PSU:
      • Corsair AXi760
      • Case:
      • Corsair 650D
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • LG 27" 27EA63 IPS LED
      • Internet:
      • 120Mb Bt

    Re: News - Steam accounts hacked, Valve responds

    Quote Originally Posted by ExHail View Post
    In any case my credit card is limited and my debit card only ever has just enough in it for my monthly bills, never more, just-in-case someone gets my details they can't do significant damage to my finance.
    All my spare cash is kept in a savings account that has no cards or ties to the internet, like you I never keep any large amount of cash in my current account any more.

  9. #9
    Senior Member Brewster0101's Avatar
    Join Date
    Dec 2007
    Location
    UK
    Posts
    2,614
    Thanks
    45
    Thanked
    54 times in 44 posts
    • Brewster0101's system
      • Motherboard:
      • Asus m5a99x evo
      • CPU:
      • AMD FX 8350
      • Memory:
      • 8GB (2x4) Corsair Vengence DDR3 1600mghz
      • Storage:
      • Western Green 3TB + Samsung 850Evo 512MB SSD, + 2TB NAS
      • Graphics card(s):
      • MSI 280X
      • PSU:
      • Corsair AXi760
      • Case:
      • Corsair 650D
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • LG 27" 27EA63 IPS LED
      • Internet:
      • 120Mb Bt

    Re: News - Steam accounts hacked, Valve responds

    Quote Originally Posted by Brewster0101 View Post

    I think the optional security Facebook has with it notifying you if someone logs onto your account from a different IP address is a good feature.
    Ok steam does this too. I couldn't log into my account from work and now I've just had an email from Steam regarding unauthorised access attempt from unknown IP.

  10. #10
    Ninja Noxvayl's Avatar
    Join Date
    May 2007
    Location
    In the shadows
    Posts
    2,451
    Thanks
    748
    Thanked
    215 times in 173 posts
    • Noxvayl's system
      • Motherboard:
      • GigabyteZ87X-UD4H-CF
      • CPU:
      • Intel i7 4770K
      • Memory:
      • 16GB Corsair Vengaence LPX + 8GB Kingston HyperX Beast
      • Storage:
      • 120GB Snadisk + 256GB Crucial SSDs
      • Graphics card(s):
      • 4GB Sapphire R9 380
      • PSU:
      • ENermax Platimax 750W
      • Case:
      • Fractal Design Define S
      • Operating System:
      • Windows 10 64bit
      • Monitor(s):
      • ATMT + Dell 1024x1280
      • Internet:
      • Sky Fibre

    Re: News - Steam accounts hacked, Valve responds

    I feel that security is worse and a friend of mine studying database systems agrees(referring to random questions with only a few characters asked for). Some forums I'm on have better security because I use randomly generated 21 character passwords that use all possible characters. Of course my weak point is accessing my password manager but that has an equivalent strength password and second security factor in the form of a personal grid which makes it impossible to crack without getting hold of both bits of information which are both encrypted in my account so you need to crack the passwords before you can get access to the passwords. Each factor of authentication is highly durable and as long as my password is longer than 12 characters would take a very long time to crack.

    As far as I know the best way to secure an account is allow the person to use a password but insist on having another factor on top of that- something people cant get control of easily and is not going to be easily linked with the account such as a mobile number you send a code to. This way the hacker has to somehow have access to your phone information in addition to cracking your password. Other multi-factor options are to send a code in an email, Google Authenticator or use a Yubikey.

    As such I am happy with Valves system of authorised computers and any new connections require a secondary code sent in email. I have the same with my Google account and Facebook, my bank seems to be the least secure online destination at the moment using multiple passwords that are all easy to crack.

  11. #11
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    11,459
    Thanks
    1,539
    Thanked
    1,024 times in 868 posts

    Re: News - Steam accounts hacked, Valve responds

    This reminds me actually, a few years back before I signed up I asked on Hexus about Steam; whether it was trustworthy/safe and was flamed by one member who essentially called me stupid, how could such a big/popular company be risky? You see, this is why I ask these questions. Sure no-one could have known at the time but to be so sure a company is safe is simply ignorant.

  12. #12
    jim
    jim is offline
    HEXUS.clueless jim's Avatar
    Join Date
    Sep 2008
    Location
    Location: Location:
    Posts
    11,435
    Thanks
    612
    Thanked
    1,639 times in 1,304 posts
    • jim's system
      • Motherboard:
      • Asus Maximus IV Gene-Z
      • CPU:
      • i5 2500K @ 4.5GHz
      • Memory:
      • 8GB Corsair Vengeance LP
      • Storage:
      • 1TB Sandisk SSD
      • Graphics card(s):
      • ASUS GTX 970
      • PSU:
      • Corsair AX650
      • Case:
      • Silverstone Fortress FT03
      • Operating System:
      • 8.1 Pro
      • Monitor(s):
      • Dell S2716DG
      • Internet:
      • 10 Mbps ADSL

    Re: News - Steam accounts hacked, Valve responds

    Some people just can't get this sort of thing through their thick skulls.

    I've signed up to a few sites recently which include an online wallet of some description, that I'm sure in some people's cases will hold several thousand pounds, and their password restrictions are comical. One required a password 7 characters long (not 8, not 6, exactly 7), and another one had to start with a number, could be only letters and numbers, and could be no longer than 8 characters.

    Uncrackable.

  13. Received thanks from:

    watercooled (11-11-2011)

  14. #13
    Gentoo Ricer
    Join Date
    Jan 2005
    Location
    Galway
    Posts
    11,048
    Thanks
    1,016
    Thanked
    944 times in 704 posts
    • aidanjt's system
      • Motherboard:
      • Asus Strix Z370-G
      • CPU:
      • Intel i7-8700K
      • Memory:
      • 2x8GB Corsiar LPX 3000C15
      • Storage:
      • 500GB Samsung 960 EVO
      • Graphics card(s):
      • EVGA GTX 970 SC ACX 2.0
      • PSU:
      • EVGA G3 750W
      • Case:
      • Fractal Design Define C Mini
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • Asus MG279Q
      • Internet:
      • 240mbps Virgin Cable

    Re: News - Steam accounts hacked, Valve responds

    But lets put *everything* we have up on the 'cloud', anyway!
    Quote Originally Posted by Agent View Post
    ...every time Creative bring out a new card range their advertising makes it sound like they have discovered a way to insert a thousand Chuck Norris super dwarfs in your ears...

  15. #14
    Senior Member oolon's Avatar
    Join Date
    Mar 2007
    Location
    London
    Posts
    2,294
    Thanks
    150
    Thanked
    302 times in 248 posts
    • oolon's system
      • Motherboard:
      • Asus P6T6
      • CPU:
      • Xeon w3680
      • Memory:
      • 3*4GB Kingston ECC
      • Storage:
      • 160GB Intel G2 SSD
      • Graphics card(s):
      • XFX HD6970 2GB
      • PSU:
      • Corsair HX850
      • Case:
      • Antec P183
      • Operating System:
      • Windows 7 Ultimate and Centos 5
      • Monitor(s):
      • Dell 2408WFP
      • Internet:
      • Be* Unlimied 6 down/1.2 up

    Re: News - Steam accounts hacked, Valve responds

    Quote Originally Posted by snootyjim View Post
    I've signed up to a few sites recently which include an online wallet of some description, that I'm sure in some people's cases will hold several thousand pounds, and their password restrictions are comical. One required a password 7 characters long (not 8, not 6, exactly 7), and another one had to start with a number, could be only letters and numbers, and could be no longer than 8 characters.
    Well my bank only lets me USE a 5 characters of my password combined with a 6 number pin.... When I took them to task about only using 5 characters. The response was...

    Blah...
    We take security very seriously
    Blah Blah....
    Your wrong
    Blah Blah.
    You can have longer passwords....
    Blah..

    They completely missed the point, The password boxes/number boxes are pre populated with character postions before you account number is entered. This As 5 characters is the shortest password this means that ONLY the first 5 characters are ever used! After all it cannot "know" you have a longer password. I did explain this fully in my email report but they were do stupid to be able to work out what the problem was and gave me a boiler plate answer.

    Dumb asses its been like that for 5 years.
    (\__/) All I wanted in the end was world domination and a whole lot of money to spend. - NMA
    (='.*=)
    (")_(*)

  16. #15
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    11,459
    Thanks
    1,539
    Thanked
    1,024 times in 868 posts

    Re: News - Steam accounts hacked, Valve responds

    I think my bank have taken a step in the right direction, now they ask for your password and, provided you get that right, you go to the next page where it asks for 3 random characters out of your 'memorable information' with a drop-down list (guards against keyloggers).

  17. #16
    Speculation Junkie
    Join Date
    Jun 2011
    Location
    Durham
    Posts
    411
    Thanks
    42
    Thanked
    16 times in 13 posts
    • EvanJackPenn's system
      • Motherboard:
      • ASUS Maximus V GENE
      • CPU:
      • Intel Core i5-3570k @ 4.4GHz w/ Corsair H100
      • Memory:
      • 8GB Corsair Vengeance 1600MHz @ CAS 9
      • Storage:
      • 500GB Samsung 850, 2TB Seagate Barracuda Green
      • Graphics card(s):
      • MSI RX480 8GB
      • PSU:
      • BeQuiet E9 480W
      • Case:
      • Fractal Arc Mini
      • Operating System:
      • Windows 10, 64-bit
      • Monitor(s):
      • LG IPS235V, Dell E172FPt
      • Internet:
      • Crappy Sky

    Re: News - Steam accounts hacked, Valve responds

    The security leak wasn't the fault of Valve engineers though - it's VBulletin's fault (IMO).

    Anyways, if they're to get into my Steam they will need my Steam username and password, my email username and password, and my phone. How I love 2-step verification

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •