Steam has returned to its normal operations and, so far, shows no sign of additional kinks. The security break which left many users vulnerable to possible identity theft and other serious threats is over. Still, no one is sure exactly what happened. After being completely shut down to prevent such threats from taking form, the Steam store is back up and, so far, that’s all anyone has revealed. A recent statement by the Valve software company reveals the seriousness of the Steam security breech:
“Steam is back up and running without any known issues. As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users.”
The company appears to have justified the glitch by noting how short the period of vulnerability was. However, during the under 60 minutes that Steam’s firewall was down, many users may have had their credit cards numbers stolen. The information that users were able to view on the profile of other users included their name, balance in their Steam wallets as well as the email address and phone numbers associated with their Steam accounts. The question standing is, just how many Steam users are gaming today with other people’s funds?
“Do NOT attempt to unlink PayPal, remove your credit card details or anything else. Doing so will put you at risk instead.”
— Steam Database (@SteamDB) December 25, 2015
Steam users who were not active on social media during the short period that the store was not secure, may have missed some key updates on how to protect themselves from threats. Specifically, the company tweeted instructions on how to remove linked payment accounts and those who tried to do so in other ways may have unintentionally given cyber predators their payment information.
While the security breech was active, all payments were halted. The Steam store was shut down from 4:30 p.m on Christmas day and did not resurface until around 6 p.m, according to Examiner. Valve was not able to comment on the situation until after 8 p.m. Steam Database updated their Twitter feed frequently to inform users that the issue was not on their end, and that it was Valve’s responsibility to inform them on the issue.
We’re very much aware that we shouldn’t be the ones informing people about this, but Valve is consistently failing to do it themselves.
— Steam Database (@SteamDB) December 26, 2015
Now, the Steam store is fully operational and because Valve has no explanation of exactly how the breech occurred in the first place, there is no word if they are also unable to measure the amount of damage that may have been done. Instead of uncovering the mystery, Steam only made it known that the store was not hacked. Consumers will have to wait and see if the wallets of Steam users suddenly come up short.
Valve has admitted that users’ personal accounts were completely exposed, but some Steam users feel that this is no cause for concern. Based on recent posts made to Steam’s message forum, there is some information that users could not see despite the breech.
The security breech first began when Steam users logged on to find the site in a foreign language, as previously reported by the Inquisitr. The ordeal seems more like a hacker situation than a random glitch, but Valve stands by their statement that an update caused Steam to go haywire. Despite the fact that their users’ personal information was at stake, Steam stood to loose the most during the glitch.
Steam recently began its big winter sale. Based on sales data from previous years, this is their highest-selling time of the year. It seems Steam didn’t have a very Merry Christmas after all.
[Feature image via SteamPowered.com]