Valve Hacked. Your Info may be at risk

dafloppyone · 18 Apr 2007 at 15:45

A few days ago a member from the No-Steam crew by-passed Valve's security and exposed some financial information. What does he want in return? A notice on the steampowered website saying their systems have been comprimised. What's at risk? Lots and lots of credit card information :-(

VALVe's security was recently shown for what it really is; no exsistant. A hacker known as MaddoxX recently infiltrated VALVe's web servers, exposing, what should be confidential information, to the public. The hacker managed to gain root access to the server, meaning they could view anything they wanted (Including Customer Credit Card details, and even VALVe's current assets). The hacker then ripped the site and created a "Release" ( in an attempt to grab VALVe's attention (Who are renouned for poor security). Included in the release are all CAS/CAC files (Including certificates), proving once again that their Cafe program is not as secure as they thought. Valve has yet to fix the exploit the hacker used, and has not yet even replied to him. It has also failed to reveal to it's customers that this event even occured, even though they're private details have been exposed. Please help us to inform the public and VALVe customers of this important news..

SK07 · 18 Apr 2007 at 15:48

Yah, maddox hacked them. Their account numbers and credit cards are on the internet now.

In all honesty Valves security is just poor. Even though I don't like Steam one bit they have the worst security measures to date if you ask me. In 2003 they were hacked and the source code for Half life 2 stolen, now they have been hacked and all their banking details and credit cards stolen. Honestly, how can they let them happen? doesn't happen to other companies because they have good security or is it just bad luck :rolleyes:

KNiVES · 18 Apr 2007 at 15:52

Not good

DJKahuna · 18 Apr 2007 at 15:54

This is why i always buy boxed copies of games as my setails aren't then stored with some 1-bit company like valve. Steam is one of the worst ideas i've EVER seen as it means i actually have to be connected to the net just to run a local server (or at least start one in a decent time frame).

dafloppyone · 18 Apr 2007 at 16:00

not if you use steam buster emulator

BloodWolf · 18 Apr 2007 at 16:00

Thank god VALVe don't have mine.

Slinky1989 · 18 Apr 2007 at 16:08

Thank god I have never bought anything over the steam network.

I'd be more concerned if EA link got hacked though :eek:

afraser2k · 18 Apr 2007 at 16:09

Sounds like a hoax to me.

HeX · 18 Apr 2007 at 16:10

Proof this happened?

Psyk · 18 Apr 2007 at 16:35

Did they get passwords for Steam accounts? That would explain what happened to my account...

Of course Valve would much rather blame me than admit they have a security problem.

Supertaff · 18 Apr 2007 at 16:43

While I don't doubt that someone could have hacked onto the steam network, they could have even got access to the database with customer details. I would though have expected the credit card details to be encrypted within the database by something like Triple DES, and therefore the cards details would not be available even if the DB was compromised.

As for those people who complain about steam and account details. I presume none of you ever buy anything off the internet? The facts still stand your more likely to have your Credit Card details compromised by mugging or other means than someone hacking an internet site.

Taff

PiKe · 18 Apr 2007 at 16:45

Do valve even store card details? I'm asked everytime for mine if I purchase anything.

nbkpsycho · 18 Apr 2007 at 16:53

Thank god my accounts were free

dafloppyone · 18 Apr 2007 at 16:54

There is a file on rapidshare that proves it but im not posting it as it would probably be copywrite violation as they have the proof in this file

richjs · 18 Apr 2007 at 17:03

Thank god, like others, I haven't bought anything off Steam (not that I know why people would when they could get a nice CD + manual etc).

Have they denied it's happened or just not commented?

SK07 · 18 Apr 2007 at 17:21

If I get confirmation that it is ok then I will post the link to his forum post which is proof.

l33t-krew · 18 Apr 2007 at 17:23

dafloppyone said:
A few days ago a member from the No-Steam crew by-passed Valve's security and exposed some financial information. What does he want in return? A notice on the steampowered website saying their systems have been comprimised. What's at risk? Lots and lots of credit card information VALVe's security was recently shown for what it really is; no exsistant. A hacker known as MaddoxX recently infiltrated VALVe's web servers, exposing, what should be confidential information, to the public. The hacker managed to gain root access to the server, meaning they could view anything they wanted (Including Customer Credit Card details, and even VALVe's current assets). The hacker then ripped the site and created a "Release" ( in an attempt to grab VALVe's attention (Who are renouned for poor security). Included in the release are all CAS/CAC files (Including certificates), proving once again that their Cafe program is not as secure as they thought. Valve has yet to fix the exploit the hacker used, and has not yet even replied to him. It has also failed to reveal to it's customers that this event even occured, even though they're private details have been exposed. Please help us to inform the public and VALVe customers of this important news..

Sound suspicious but this sounds like one of those emails, pass this on and you will be rich :rolleyes:

NightSt@lk3r · 18 Apr 2007 at 18:21

ive read this on many sites and to me there claims just dont add up and i think it is fake.

Energize · 18 Apr 2007 at 18:35

Haven't seen it on any realible sites, sounds like rumours.

dun · 18 Apr 2007 at 22:34

l33t-krew said:
Sound suspicious but this sounds like one of those emails, pass this on and you will be rich

Exactly what i thought when i read the last line, sounds like a chain mail type idea.