Warning: Steam Users Accounts May be Compromised

Earlier this afternoon gamers using the popular PC gaming platform known as Steam reported some strange occurrences. After some users logged in...
  1. [​IMG]
    Earlier today many Steam users reported something strange when they logged in to their accounts. Instead of being brought to their account page, they were brought to a page with a different language (usually Russian). It was soon discovered that users were actually being logged in to another users account. A mad scramble ensued as users around the world attempted to secure their accounts, knowing full well that there are people out there who would try to take advantage of such an egregious breach in Steam's account security. Among the information made accessible by the breach are e-mails, billing addresses, and even the last four digits of credit cards, meaning this was a fairly serious breach of information and privacy.

    Thankfully, not long after the issue was discovered, Valve shut down the affected areas of Steam in an effort to protect users' privacy and figure out what was causing the issue in the first place. While Valve has not released an official statement yet, it is not believed to have been an actual security breach. Instead, the common theory is that since Valve uses Akamai for their CDN and Varnish for caching, there was a misconfiguration in one of those components that caused Steam to not correctly serve and render cached pages that were intended for single users only. Keep in mind this is just a theory, Valve has not released an official statement yet, so it could have been a real security breach, however that seems unlikely.

    As always when something like this occurs, it is highly recommended that you change your login information in case any of your information was compromised, just to be on the safe side. I will update this article with any updates that I find and if any readers have more information, feel free to post in the comments below!

    SOURCE

    [UPDATE]

    Valve has released an official statement regarding the issue.

    "Steam is back up and running without any known issues. As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users."

    Share This Article

    About Author

    Night
    I'm just an aspiring English Major with a love of all things geeky.
    RaoulDuke, Zero, Deadpool and 6 others like this.

Comments

To make a comment simply sign up and become a member!
  1. RaoulDuke
    Your Steamy account has been compromised Night. Tee hee
      Night likes this.
  2. MrSquiddles2K15
    I'm scared I'll log into my steam account and find that someone's been on it!
    1. denz
      They could only have looked at your account info page with your name, address etc if they were saved.
  3. denz
  4. Soggy Crayons
    How do I delete my SE7ENSINS account if I'm using STEAM for it?

    1. Night
      What exactly do you mean?
  5. XeClutch
    Well that might explain why I wasn't automatically signed into Steam just a minute ago. However, it is very strange that I now have 3 new items in my inventory that I'm almost positive I didn't receive from playing Insurgency.
    1. Night
      Make sure you change all your credentials and be thankful you got free stuff lol.
    2. denz
      Could be the mystery cards from winter sale?
  6. TheAtom
    This WAS an actual security breach! This hacker group DDoS'd the steam servers on Christmas!!!!
    1. View previous replies...
    2. Night
      Valve said that it was a configuration error that caused the cache issue, there's no more explanation needed.
    3. TheAtom
      Fine. (><)
    4. Night
      I don't really understand the problem man, yes Steam was DDoSD'd, but that wasn't the cause of the cache error, it was just bad timing.
  7. Night
    Friendly reminder that this is not a PC vs Console article and as such any comments that are clearly attempting to start a PC vs Console war will be deleted or edited appropriately!
  8. HowAmI
    Is this why I can't access my profile page to look at what the public will see ?
    1. View previous replies...
    2. HowAmI
      Alright
    3. HowAmI
      To add-on I hope some people also have 2 Step Enabled so there is a little more security behind their account
    4. Night
      Agreed, anytime you have the chance to use two step you should, on this site as well.
  9. Night
    Update has been added after Valve released an official statement regarding the issue.
  10. televisedfool
    Welp someone screwed up. :roflmao:

    Hopefully the issue was resolved without any irreversible damage.