Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / QUICK!!!! Check your bank cards and DELETE IT OFF STEAM

Author
Message
Yodaman Jer
User Banned
Posted: 26th Dec 2015 06:06
Link
Ok, I am really pissed at valve right now - apparently sometime last night (the 24th) and through parts of today, many people were reporting[warning: some language!] that if you click on your account details it would actually take you to that of a different users page.

This means, in effect, you could buy games and use up funds and then have that account gift it to yours - so lots of people got ripped off and many people got free presents.

I stupidly had my card saved on there, so I am contacting my bank tomorrow and having it cancelled and getting a new sent... you should do the same if you also had your card saved. I checked my account and everything seemed fine, and it does appear Steam has since fixed the issue, but I would HIGHLY recommend you guys delete that info off of your account and change cards faster than a card shark fueled up on speed!

Valve better be prepared to reimburse anyone who lost money, let alone their card numbers!

Sign up for NaGaCreMo!
Back to top
Profile
The Zoq2
15
Years of Service
User Offline
Joined: 4th Nov 2009
Location: Linköping, Sweden
Posted: 26th Dec 2015 11:35
Link
As far as I have heard, people havn't been able to use your account, just look at account details. It supposedly happened because of a misconfigured server which sent cached versions of other users pages to you. People might have seen the last 4 digits of your credit card as well as billing address and other personal information but they havn't been able to make purchases as far as I know.

https://www.reddit.com/r/Steam/comments/3y7r0b/do_not_login_to_any_steam_websites/
Say ONE stupid thing and it ends up as a forum signature forever. - Neuro Fuzzy
Back to top
Profile PM Email
Seppuku Arts
Moderator
20
Years of Service
User Offline
Joined: 18th Aug 2004
Location: Cambridgeshire, England
Posted: 26th Dec 2015 14:33
Link
I haven't noticed any problems on mine. I bought a few people gifts too. So I am guessing it hasn't affected everybody? Big data protection issue, obviously, but looking through all these, I am not seeing signs of people's bank accounts being accessed and I have checked my own bank just to be sure.
Back to top
Profile PM Website
The Zoq2
15
Years of Service
User Offline
Joined: 4th Nov 2009
Location: Linköping, Sweden
Posted: 26th Dec 2015 16:00 Edited at: 26th Dec 2015 16:22
Link
As far as I have heard, it went on for an hour before valve shut down parts of their servers and it was fixed a few hours after that. So unless you visited the steam store or community in that our you probably arn't affected.

Edit: I saw a pretty good youtube video explaining the cause of this
Say ONE stupid thing and it ends up as a forum signature forever. - Neuro Fuzzy
Back to top
Profile PM Email
Seditious
User Banned
Posted: 26th Dec 2015 17:14 Edited at: 26th Dec 2015 17:15
Link
What about those of us who use PayPal, that's safe right? IIRC you have to manually log in to your PP account to confirm the transaction.
Back to top
Profile
Phaelax
DBPro Master
22
Years of Service
User Offline
Joined: 16th Apr 2003
Location: Metropia
Posted: 26th Dec 2015 19:26
Link
Good thing Steam doesn't have any of my personal info

"I like offending people, because I think people who get offended should be offended." - Linus Torvalds
Back to top
Profile PM Email Website
The Zoq2
15
Years of Service
User Offline
Joined: 4th Nov 2009
Location: Linköping, Sweden
Posted: 26th Dec 2015 20:35
Link
Quote: "What about those of us who use PayPal, that's safe right? IIRC you have to manually log in to your PP account to confirm the transaction."


Pretty much everything is safe. There are additional checks for user info done when you change something on the account so unless valve had more issues than we know, nobody can have brought anything or changed any information. The only thing they could have done is seing your personal information.
Say ONE stupid thing and it ends up as a forum signature forever. - Neuro Fuzzy
Back to top
Profile PM Email
Yodaman Jer
User Banned
Posted: 26th Dec 2015 21:11
Link
Ok, glad to see this wasn't as terrible as it seemed last night - but I am never going to store any info on there or any site ever again.

I can't believe it was over an hour before they responded in any capacity. I know it was Christmas, but surely they had an emergency on-call team?

Sign up for NaGaCreMo!
Back to top
Profile
The Zoq2
15
Years of Service
User Offline
Joined: 4th Nov 2009
Location: Linköping, Sweden
Posted: 26th Dec 2015 23:07
Link
Yea, valve have handled this incredibly badly. An hour before they started trying to fix something and as far as I know, they havn't issued an official statement about it apart from talking to some journalist at gamespot.
Say ONE stupid thing and it ends up as a forum signature forever. - Neuro Fuzzy
Back to top
Profile PM Email
Yodaman Jer
User Banned
Posted: 27th Dec 2015 02:42
Link
That's just crazy. You'd think they would have some sort of news flash on the Steam homepage to update users and let them know that it seems that no unauthorized transactions were made from their accounts. I guess the people who said they had their account "broken" into were wrong, but it's hard to say. Only time will tell if people have had their information stolen. Which is why I'm going to order a new debit card just to be on the safe side, and change my password

How much do you want to bet that whoever made that critical mistake (misconfiguring the server) is now either demoted or jobless? That's pretty big screw up!

Sign up for NaGaCreMo!
Back to top
Profile
BatVink
Moderator
22
Years of Service
User Offline
Joined: 4th Apr 2003
Location: Gods own County, UK
Posted: 27th Dec 2015 10:44
Link
Being an IT Professional, I'm hoping this incident is a wake up call for users.
Everyone assumes that in a "crisis", the first thing you should do is log in to your account. Firstly, that makes it a many, many times harder to fix the problem.
Secondly, as shown here, you are more likely to make yourself more vulnerable to the "crisis". Why do people think that during a security breach, you should submit your user name and password, and get the server to compose a neat little package of all of your data?????
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Quidquid latine dictum sit, altum sonatur
TutCity is being rebuilt
Back to top
Profile PM Email
Dark Java Dude 64
Community Leader
14
Years of Service
User Offline
Joined: 21st Sep 2010
Location: Neither here nor there nor anywhere
Posted: 28th Dec 2015 03:42
Link
Great point there! ^^ People act in sheepish ways, eh?
"It also shoots blue flames sometimes, which is startling in the most exquisite of ways." -- Self
Back to top
Profile PM Website
Back to top

Login to post a reply

Server time is: 2025-05-07 23:37:31
Your offset time is: 2025-05-07 23:37:31