Steam Hacked
Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.
We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
We don't have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.
While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.
We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn't be a bad idea to change that as well, especially if it is the same as your Steam forum account password.
We will reopen the forums as soon as we can.
I am truly sorry this happened, and I apologize for the inconvenience.
Gabe.
Valve looking into possible credit card theft
More information and what you should do
D:
This is not good. Steam users are advised to change their steam password and possibly change your other ones as well. Monitoring your credit card activity is recommended.
Kotaku is terrible, you should link to Rock Paper Shotgun instead.
Please do not Private Message me for assistance. Post a thread if you have questions or concerns.
If you need to contact the staff privately, contact the Global Moderators via Discord.
THE STEAM FORUMS ARE NOW BACK, ENJOY VISITING AT YOUR LEISURE
WOOHOO!
...That was fast.
An update about this topic:
We continue our investigation of last year's intrusion with the help of outside security experts. In my last note about this, I described how intruders had accessed our Steam database but we found no evidence that the intruders took information from that database. That is still the case.
Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords.
We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised. However as I said in November it's a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well.
We are still investigating and working with law enforcement authorities. Some state laws require a more formal notice of this incident so some of you will get that notice, but we wanted to update everyone with this new information now.
Gabe
I don't normally bring threads back from the dead, but I think this is pretty important.
My Work
[spoiler]Maps:
Revenge of the Angry Turrets
Capture the Cube [Co-op]
Capture the Cube 2 [Co-op]
TPWEGTH Sample Map
Aperture Aquatic Testing Center
Aperture Aquatic Testing Center 2
Aperture Time Testing Center
ML's Halloween Trick - 1000 downloads!
ML's Halloween Treat
ML's Combination - 1000 downloads!
ML's Jailbreak Labyrinth
ML's Tricky Teamwork [Co-op]
WIP:
"Capture the Cube 3"
Workshop Maps Link: http://steamcommunity.com/profiles/76561198008890579/myworkshopfiles/[/spoiler]