Insurgency Mod Scum: cheaters, hackers, wallhackers, aimbotters, griefers, teamkillers, micspammers, spawncampers, exitcampers, and everything else Insurgency.
Blogger.com policy on personal information: Personal and confidential information: It's not ok to publish another person's personal and confidential information. For example, don't post someone else's credit card numbers, Social Security numbers, unlisted phone numbers, and driver's license numbers. Also, please keep in mind that in most cases, information that is already available elsewhere on the Internet or in public records is not considered to be private or confidential under our policies.
All information posted on Insurgency Mod Scum is publicly available.

Valve's Security SNAFU - Use Anonymous Gift Cards!

2012-02-11

Posted by insurgencymod at Saturday, February 11, 2012 Labels: , , ,
Dear Steam Users and Steam Forum Users

We continue our investigation of last year's intrusion with the help of outside security experts. In my last note about this, I described how intruders had accessed our Steam database but we found no evidence that the intruders took information from that database. That is still the case.

Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information [IMS: and very likely phone numbers]. It did not include Steam passwords [IMS: shiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiit...].

We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised. However as I said in November it's a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well.

We are still investigating and working with law enforcement authorities. Some state laws require a more formal notice of this incident so some of you will get that notice, but we wanted to update everyone with this new information now.

Gabe

My name, email address, billing address and credit card information are compromised, but not my Steam password. Thanks Gabe. If you gonna encrypt billing addresses and credit card information, why not encrypt names and email addresses?

Insurgency Mod Scum Pro Tip: use prepaid Visa or Mastercard gift cards instead of PayPal and CCs.

Also see:
http://insurgencymod.blogspot.com/2011/11/message-to-steam-hackers-and-valve.html

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)