BreachExchange mailing list archives
follow-up: Hackers probably stole Steam transaction data, Valve says
From: security curmudgeon <jericho () attrition org>
Date: Tue, 14 Feb 2012 02:56:27 -0600 (CST)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.computerworld.com/s/article/9224215/Hackers_probably_stole_Steam_transaction_data_Valve_says By Lucian Constantin IDG News Service February 13, 2012 Valve has informed users of its Steam online game distribution platform that hackers have probably downloaded encrypted credit card transaction data from a backup database during an intrusion last year. In November 2011, Valve announced that hackers gained unauthorized access to Steam's user database, but said that there was no evidence to suggest a leak of encrypted credit card details at that time. However, that has since changed. "Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008," said Gabe Newell, Valve's co-founder and managing director, in an email sent Friday to Steam users. According to Newell, the backup file contained Steam user names, email addresses, encrypted credit card details and encrypted billing addresses, but no account passwords. Valve doesn't have reasons to believe that the sensitive transaction data was decrypted, Newell said. However, this possibility should not be excluded. [...] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Small, inexpensive USB drives pose huge threats to organizations left unprotected. Download Chapter 1 of CREDANT Technologies eBook Data Protection to the Rescue http://www.credant.com/campaigns/external_media_ebook/chapter1/lp/
Current thread:
- follow-up: Hackers probably stole Steam transaction data, Valve says security curmudgeon (Feb 14)