Valve Asks Users to Keep An Eye On Their Credit Card Usage

btarunr · Feb 10, 2012

In November 2011, Valve admitted that its Steam forums were hacked, and some user data including encrypted credit card information and hashed passwords were stolen, and that pending investigation, it asked users to change their Steam passwords. Valve noted that at that time, it had not seen any evidence of encrypted data being hacked. Today, Valve issued an update to all its Steam members via e-mail, where it notified them that investigation is still in progress, that Valve is taking help of external agencies to investigate, and that it still sees no evidence of encrypted credit card data being tampered with. As a note of caution, though, it asked users to keep an eye on their credit card activity and statements.

The transcript of Valve's email to Steam users follows.

Dear Steam Users and Steam Forum Users

We continue our investigation of last year's intrusion with the help of outside security experts. In my last note about this, I described how intruders had accessed our Steam database but we found no evidence that the intruders took information from that database. That is still the case.

Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords.

We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised. However as I said in November it's a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well.

We are still investigating and working with law enforcement authorities. Some state laws require a more formal notice of this incident so some of you will get that notice, but we wanted to update everyone with this new information now.

Gabe

View at TechPowerUp Main Site

mtosev · Feb 10, 2012

I haven't changed my Steam account password. should I worry? i'm not registered on the steam forum

Crap Daddy · Feb 10, 2012

Haven't changed my password then and my credit card is in fact a debit card and my bank account is empty most of the time.

WhiteLotus · Feb 10, 2012

Crap Daddy said:
Haven't changed my password then and my credit card is in fact a debit card and my bank account is empty most of the time.

These days the banks will let that money go out, and then charge you a fortunate for allowing your account to get like that. Best to keep an eye out.

Kantastic · Feb 10, 2012

WhiteLotus said:
These days the banks will let that money go out, and then charge you a fortunate for allowing your account to get like that. Best to keep an eye out.

I made sure that my card cannot be overdrawn.

CJCerny · Feb 10, 2012

That credit card data is encrypted to hell and back--very little chance they will be able to unencrypt it and reassemble it. It is possible but, at best, they'll get just a handle of cards--definitely not all the users.

mrw1986 · Feb 10, 2012

Kantastic said:
I made sure that my card cannot be overdrawn.

Here's something most people don't know about that feature...

The only kind of purchase that won't overdraw your account is if it's swiped physically. Making purchases online and EFT's will still overdraw your account. How do I know? I accidentally overdrew my account with an online purchase even though I used my debit card. They refunded me the charge because of a misunderstanding, but the new regulation clearly states it only prevents overdraws from an actual swipe of the card.

Edit: Also, as far as I know this is a standard regulation set down by the government. It's part of the opt-in/opt-out overdraw legislature.

stinger608 · Feb 10, 2012

And that is why I only use my PayPal account for Steam, Amazon, NewEgg, etc...

PayPal is a PITA and many will flame the hell out someone using their services, however none of your credit card/debit card information is forwarded to online retailers.

DRDNA · Feb 10, 2012

Hmmm...I wonder why I never received the email warning from steam? I just double triple checked too. :confused:

nickbaldwin86 · Feb 10, 2012

reason why I never put a debit/credit card on file at Steam... Paypal FTW! :rockout:

Disruptor4 · Feb 10, 2012

The details from my billing address are default to a non existent address and billing details are not in there AFAIK.

RejZoR · Feb 10, 2012

Interesting, i never got any e-mail notification from Valve regarding this matter. I only found out about all this on various forums.

theJesus · Feb 10, 2012

stinger608 said:
And that is why I only use my PayPal account for Steam, Amazon, NewEgg, etc...

PayPal is a PITA and many will flame the hell out someone using their services, however none of your credit card/debit card information is forwarded to online retailers.

Amazon doesn't accept PayPal . . .

Mussels · Feb 11, 2012

DRDNA said:
Hmmm...I wonder why I never received the email warning from steam? I just double triple checked too.

i didnt get it either. maybe they only sent it to the region who's files got hacked?

RejZoR · Feb 11, 2012

Are you sure? I've ordered some stuff from Amazon UK and i think my sister paid with PayPal. Or do they store credit card info like Steam does?

theJesus · Feb 11, 2012

Mussels said:
i didnt get it either. maybe they only sent it to the region who's files got hacked?

I think it's just for people registered on the forums.

RejZoR said:
Are you sure? I've ordered some stuff from Amazon UK and i think my sister paid with PayPal. Or do they store credit card info like Steam does?

They store CC info.

cadaveca · Feb 11, 2012

theJesus said:
I think it's just for people registered on the forums.

Nope, forum member, no email here.

I don't use CC or paypal for STEAM, so I don't care, nothing to be lost. But checking billing statements is always a good idea.

I get charged by the utility company for bloody rainfall, in land drainage charges, for example. Talking to my neighbours, very few even knew that was a charge.

Bjorn_Of_Iceland · Feb 11, 2012

nickbaldwin86 said:
reason why I never put a debit/credit card on file at Steam... Paypal FTW!

But then you placed your debit/credit card detail on paypal so.. your back to square one.

BlackOmega · Feb 11, 2012

mrw1986 said:
Here's something most people don't know about that feature...

The only kind of purchase that won't overdraw your account is if it's swiped physically. Making purchases online and EFT's will still overdraw your account. How do I know? I accidentally overdrew my account with an online purchase even though I used my debit card. They refunded me the charge because of a misunderstanding, but the new regulation clearly states it only prevents overdraws from an actual swipe of the card.

Edit: Also, as far as I know this is a standard regulation set down by the government. It's part of the opt-in/opt-out overdraw legislature.

That depends on the bank. I have my account set up the same as you, however, my bank will not allow it to get overdrawn regardless of whether iys physically swiped oe used online. Only caveat, any auto payments will still go through. Auto payments such as a recurring bill that comes out that you specifically setup through the bank. Steam and paypal do not apply to the autopay definition..

AsRock · Feb 11, 2012

cadaveca said:
Nope, forum member, no email here.

I don't use CC or paypal for STEAM, so I don't care, nothing to be lost. But checking billing statements is always a good idea.

I get charged by the utility company for bloody rainfall, in land drainage charges, for example. Talking to my neighbours, very few even knew that was a charge.

LMAO, we live in a house which has be devided into 2 places and there is one drainage system but both get charged.

Now you going have people putting plastic sheets over there houses and yard when it rains loool.

O yeah no email here either. Which if true they only sent them to who might of been had id stolen would mean there not telling the whole truth.

Mussels · Feb 11, 2012

AsRock said:
O yeah no email here either. Which if true they only sent them to who might of been had id stolen would mean there not telling the whole truth.

no it doesnt. it means they're emailing the small percentage who were at risk.

american server but australian customer - why send me an email?

RejZoR · Feb 11, 2012

Well, crooks don't really care if you're american, australian, slovenian or an alien. If you have a credit card that they can charge, they will.

RejZoR · Feb 11, 2012

It turned out the message is not delivered through e-mail but through Steam when you login. Got it like an hour ago.

ypsylon · Feb 11, 2012

Who the hell in the right frame of mind using $team anyway? Bloody trojan and spyware in disguise.

RejZoR · Feb 11, 2012

I'm not sure where you're pulling this nonsense from, but Steam is nothing like trojan or spyware.

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	ASUS ROG Strix B450-E Gaming
Cooling	DeepCool Gammax L240 V2
Memory	2x 8GB G.Skill Sniper X
Video Card(s)	Palit GeForce RTX 2080 SUPER GameRock
Storage	Western Digital Black NVMe 512GB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	Core i9 rig / Lenovo laptop
Processor	Core i9 10900X / Core i5 8350U
Motherboard	Asus Prime X299 Edition 30 / Lenovo motherboard
Cooling	Corsair H115i PRO RGB / stock cooler
Memory	Gskill 4x8GB 3600mhz / 16GB 2400mhz
Video Card(s)	Asus ROG Strix RTX 2080 Super / UHD 620
Storage	Samsung SSD 970 PRO 1TB / Samsung OEM 256GB NVMe
Display(s)	Dell UltraSharp UP3017 / Full HD IPS touch
Case	Coolermaster mastercase H500M
Audio Device(s)	Onboard sound
Power Supply	Enermax Platimax 1700 watt / Lenovo 65watt power adapter
Mouse	Logitech M500s
Keyboard	Cherry
Software	Windows 11 Pro / Windows 11 Pro

System Name	Old Fart / Young Dude
Processor	2500K / 6600K
Motherboard	ASRock P67Extreme4 / Gigabyte GA-Z170-HD3 DDR3
Cooling	CM Hyper TX3 / CM Hyper 212 EVO
Memory	16 GB Kingston HyperX / 16 GB G.Skill Ripjaws X
Video Card(s)	Gigabyte GTX 1050 Ti / INNO3D RTX 2060
Storage	SSD, some WD and lots of Samsungs
Display(s)	BenQ GW2470 / LG UHD 43" TV
Case	Cooler Master CM690 II Advanced / Thermaltake Core v31
Audio Device(s)	Asus Xonar D1/Denon PMA500AE/Wharfedale D 10.1/ FiiO D03K/ JBL LSR 305
Power Supply	Corsair TX650 / Corsair TX650M
Mouse	Steelseries Rival 100 / Rival 110
Keyboard	Sidewinder/ Steelseries Apex 150
Software	Windows 10 / Windows 10 Pro

System Name	Vintage
Processor	i7 - 3770K @ Stock
Cooling	Scythe Zipang II
Memory	2x4GB Crucial DDR3
Video Card(s)	MSI GTX970
Storage	M4 124GB SSD// WD Black 640GB// WD Black 1TB//Samsung F3 1.5TB
Display(s)	Samsung SM223BW 21.6"
Case	Generic
Power Supply	Corsair HX 520W
Software	Windows 7

System Name	Dust Collector
Processor	AMD Ryzen 5 3600X
Motherboard	Asus B550I Aorus Pro WiFi AX
Cooling	Alpenfohn Black Ridge V2 w/ Noctua NF-A9x14
Memory	Corsair Vengeance LPX 16GB DDR4 3200MHz/CL16
Video Card(s)	Power Color Red Dragon RX 5700 XT
Storage	Samsung EVO+ 500GB NVMe
Display(s)	Dell S2721DGF
Case	Dan Case A4
Power Supply	Corsair SF600 Platinum
Mouse	Logitech G603
Keyboard	Logitech G613

Valve Asks Users to Keep An Eye On Their Credit Card Usage

btarunr

Editor & Senior Moderator

mtosev

Crap Daddy

WhiteLotus

Kantastic

CJCerny

mrw1986

stinger608

Dedicated TPU Cruncher & Folder

DRDNA

nickbaldwin86

Disruptor4

RejZoR

theJesus

Mussels

Freshwater Moderator

RejZoR

theJesus

cadaveca

My name is Dave

Bjorn_Of_Iceland

BlackOmega

AsRock

TPU addict

Mussels

Freshwater Moderator

RejZoR

RejZoR

ypsylon

RejZoR

System Name	Main Rig
Processor	Athlon 5350
Motherboard	AsRock mITX
Memory	4gb
Storage	120gb Kingston HyperX SSD
Display(s)	Samsung Syncmaster 740N
Power Supply	Corsair 430 watt

Processor	Intel i7-5930k
Motherboard	ASRock Taichi X99
Cooling	Phanteks PH-TC14PE
Memory	4x8GB HyperX FURY DDR4-2666 15-17-17-15
Video Card(s)	MSI GTX 1070 Gaming X 8G
Storage	1x Plextor PX-512M6S SSD, 1x WD 750gb HDD, 2x Hitachi 2TB HDD, 1x Seagate 4TB HDD
Display(s)	2x Dell P2314H
Case	Fractal Define R4
Audio Device(s)	Onboard
Power Supply	Corsair AX860i
Mouse	ROCCAT Kone Pure Color White
Keyboard	Corsair K95 RGB - Cherry MX Brown
Software	Windows 10 Professional x64

System Name	Dean Machine/2020 Ryzenfall
Processor	Intel 4790K/AMD Ryzen 5800X
Motherboard	MSI 1150 Gaming mATX/Asus ROG STRIX B550-F Gaming Wifi
Cooling	Cooler Master Hyper 212 LED/SilverStone AH240 AIO
Memory	16 gigs Crucial Ballistix Tactical Tracer/32 gigs G.Skill TridentZ NEO DDR4
Video Card(s)	Gigabyte 1660 Super/EVGA GTX 1080 FTW Hybrid Gaming
Storage	Crucial SSD 256 and 2TB spinner/Dual Samsung 980 Pro M2 NVME 4.0
Display(s)	Overlord 27" 2560 x 1440
Case	Corsair Air 540
Audio Device(s)	On board
Power Supply	Seasonic modular 850 watt Platinum/EVGA T2-850 Titanium
Software	Windows 10 Pro/Windows 10 Pro

Processor	INTEL CORE I9-9900K @ 5Ghz all core 4.7Ghz Cache @1.305 volts
Motherboard	ASUS PRIME Z390-P ATX
Cooling	CORSAIR HYDRO H150I PRO RGB 360MM 6x120mm fans push pull
Memory	CRUCIAL BALLISTIX 3000Mhz 4x8 32gb @ 4000Mhz
Video Card(s)	EVGA GEFORECE RTX 2080 SUPER XC HYBRID GAMING
Storage	ADATA XPG SX8200 Pro 1TB 3D NAND NVMe,Intel 660p 1TB m.2 ,1TB WD Blue 3D NAND,500GB WD Blue 3D NAND,
Display(s)	50" Sharp Roku TV 8ms responce time and Philips 75Hz 328E9QJAB 32" curved
Case	BLACK LIAN LI O11 DYNAMIC XL FULL-TOWER GAMING CASE,
Power Supply	1600 Watt
Software	Windows 10

System Name	Red 101
Processor	9th Gen Intel Core i9-9900k
Motherboard	EVGA Z370 Classified
Cooling	Custom Primochill and Heatkiller water cooling loop
Memory	16GB of Gskill 3200Mhz CL14
Video Card(s)	EVGA GeForce GTX 1080 FTW2 with Heatkiller block @2114Mhz
Storage	4- Samsung Evo 250GB, 1- Pro 512GB and 1-512GB M.2
Display(s)	LG 38" UW
Case	In Win 101 customized a lot and painted red
Audio Device(s)	Razer Kraken 7.1 Chroma
Power Supply	EVGA 850w G2
Mouse	Razer DeathAdderv2
Keyboard	Razer Ornata Chroma
Software	Win10Pro and games
Benchmark Scores	NA

System Name	Uh, my build?
Processor	Intel Core i7 3770k 3.5GHz (3.9GHz turbo)
Motherboard	Gigabyte Z77X-UD5H (F8 BIOS)
Cooling	Coolermaster Hyper 212 Evo
Memory	G.Skill 8GB DDR3 1600MHz CL9
Video Card(s)	Gigabyte Radeon HD7970 3GB 1GHz Core/5.5GHz Memory
Storage	SanDisk Extreme Pro 960GB & 2TB WD Black & 1TB WD Green
Display(s)	1x Samsung 23" Syncmaster P2350 1x LG 23"
Case	Coolermaster HAF X
Audio Device(s)	Onboard now since store didn't RMA properly
Power Supply	Corsair HX 850W
Software	Win 10 Pro 64bit
Benchmark Scores	3DMark 11 - P8456 - http://3dmark.com/3dm11/3372758

System Name	Desktop\|\| Virtual Host 0
Processor	Intel Core i5 2500-K @ 4.3ghz \|\| 2x Xeon L5630 (total 8 cores, 16 threads)
Motherboard	ASUS P8Z68-V \|\| Dell PowerEdge R710 (Intel 5520 chipset)
Cooling	Corsair Hydro H100 \|\| Stock hotplug fans and passive heatsinks
Memory	4x4gb Corsair Vengeance DDR3 1600 \|\| 12x4gb Hynix DDR3 1066 FB-DIMMs
Video Card(s)	MSI GTX 760 Gaming Twin Frozr 4GB OC \|\| Don't know, don't care
Storage	Hitachi 7K3000 2TB \|\| 6x300gb 15k rpm SAS internal hotswap, 12x3tb Seagate NAS drives in enclosure
Display(s)	ViewSonic VA2349S \|\| remote iDRAC KVM console
Case	Antec P280 \|\| Dell PowerEdge R710
Audio Device(s)	HRT MusicStreamer II+ and Focusrite Scarlett 18i8 \|\| Don't know, don't care
Power Supply	SeaSonic X650 Gold \|\| 2x870w hot-swappable
Mouse	Logitech G500 \|\| remote iDRAC KVM console
Keyboard	Logitech G510 \|\| remote iDRAC KVM console
Software	Win7 Ultimate x64 \|\| VMware vSphere 6.0 with vCenter Server 6.0
Benchmark Scores	Over 9000 on the scouter

System Name	Rainbow Sparkles (Power efficient, <350W gaming load)
Processor	Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard	Asus x570-F (BIOS Modded)
Cooling	Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory	2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s)	Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage	2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s)	Phillips 32 32M1N5800A (4k144), LG 32" (4K60) \| Gigabyte G32QC (2k165) \| Phillips 328m6fjrmb (2K144)
Case	Fractal Design R6
Audio Device(s)	Logitech G560 \| Corsair Void pro RGB \|Blue Yeti mic
Power Supply	Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse	Logitech G Pro wireless + Steelseries Prisma XL
Keyboard	Razer Huntsman TE ( Sexy white keycaps)
VR HMD	Oculus Rift S + Quest 2
Software	Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores	Nyooom.

System Name	Thakk
Processor	i7 6700k @ 4.5Ghz
Motherboard	Gigabyte G1 Z170N ITX
Cooling	H55 AIO
Memory	32GB DDR4 3100 c16
Video Card(s)	Zotac RTX3080 Trinity
Storage	Corsair Force GT 120GB SSD / Intel 250GB SSD / Samsung Pro 512 SSD / 3TB Seagate SV32
Display(s)	Acer Predator X34 100hz IPS Gsync / HTC Vive
Case	QBX
Audio Device(s)	Realtek ALC1150 > Creative Gigaworks T40 > AKG Q701
Power Supply	Corsair SF600
Mouse	Logitech G900
Keyboard	Ducky Shine TKL MX Blue + Vortex PBT Doubleshots
Software	Windows 10 64bit
Benchmark Scores	http://www.3dmark.com/fs/12108888

System Name	Black Box
Processor	Intel i7 3770K
Motherboard	AsRock z77 Extreme 6
Cooling	Thermalright Venemous X
Memory	2 x 8GB Crucial Ballistix
Video Card(s)	2 x GTX 480
Storage	A-Data 128GB SSD, Samsung Spinpoint F3 1TB
Display(s)	HANNspree 25" 1080p 2ms
Case	Lian Li PC-9F
Audio Device(s)	Creative XFI
Power Supply	PC Power & Cooling Silencer MKII 750w
Software	Win 7 pro x64