Steam hacked, some users at risk

On Nov. 6, the forums for the onling gaming store and network Steam were intruded. The damage could be substantial for some users. 


Kevin Morris

Internet Culture

Published Nov 11, 2011   Updated Jun 3, 2021, 1:27 am CDT

Steam, the online gaming store and multiplayer network, has been hacked, the service’s parent company, Valve, announced in a statement Thursday.

Featured Video Hide

Gabe Newell, Valve’s CEO, said the attack began on the Steam forums on Nov. 6:

Advertisement Hide

“Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.”

It’s unclear if the hackers actually gained access to Steam’s full database of 35 million users or just a subset of that database. Regardless, as Newell notes, there’s as yet no evidence that the encryption protecting credit card data or personal information has been cracked.

The hack was big news on social news site Reddit’s r/gaming section, where Valve games and the Steam service are popular.

“I’m tired of hackers doing this kind of shit,” redditor TheCatAndSgtBaker wrote. “I hope [Newell] brings down the justice hammer hard.”

“The worst part is, my steam account is worth more than my bank account right now,” redditor mechroid wrote.

Advertisement Hide

Steam users who used the same password for their forums account and their Steam account are in the most immediate danger—especially if they used that same password elsewhere online. Users who have done so should immediately change those passwords. The company’s Steam guard protection, introduced three months ago, locks account access to individual computers. But that can be invalidated if hackers also gain access to a Steam user’s email.

This isn’t the first time Valve has been hacked. In 2003, thieves stole the source code for the as-yet-unreleased second game in the company’s enormously successful Half-Life series. That led to a wave of arrests after Valve cooperated with the Federal Bureau of Investigation and the gaming community.

Photo by Pitel

Share this article
*First Published: Nov 11, 2011, 11:07 am CST