Gabe Newell just sent out a message announcing that their has been a massive attack on Steam and Valve. The attack occurred Sunday through the forum. At the moment Valve is unsure of how badly their operations were compromised and are investigating just how much information the hackers were able to acquire. However they have concluded that the database that hackers managed to access "contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information,"

Gabe would like to re-assure you at the moment "We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating," Newell wrote. "We don't have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely."

The target of the attack appears to be the Steam Forums which were defaced. Its unclear whether that defacement was the intentional target of the hackers or whether they wanted access to the information Valve had in the database which was breached. The Steam forums are apparently off line while Valve investigates and tries to figure out how the attack occurred and why.

So if you are a Steam member you need to watch your credit cards carefully. Almost all of your information may have been stolen and could be used by the perpetrators. No reports of crime associated with the hack have been announced , lets hope this was just a group of cyber punks wanting to deface the Steam Forums and not something more sinister like trying to steal personal information!

Source

just seen this luck for me i'm not part of there forums (as far as i'm aware) and Steam itself hasn't been compromised great timing though skyrim to launch in an hour and steam starts throwing out warnings of a hack :(

So is it just the forums or steam as a whole? I don't use it that often (never bought anything).

What I'm asking is are people going to be able to play games on steam or is it going to be completely down like PSN was?

goes to change pw and make sure I didn't save CC information like normal....

I'm good. I realized I used paypal and that always forces a login/pw so there is no way I'm jeopardized and my steam pw is unique to steam. Glad I continue to use common sense.

btw... the OP is a little misleading.

They don't think main site's pw and security was really breached... read below.

"Dear Steam Users and Steam Forum Users:

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

We will reopen the forums as soon as we can.

I am truly sorry this happened, and I apologize for the inconvenience.

Gabe."

What a bunch of assholes. The IIR needs to do something.

I read the letter before posting. I also never suggested that they said such information was actually stolen. Just that it was possible and that the breach had compromised a Steam database. The information I qouted from the letter was on that Steam Database and I emphasized that Valve was investigating and had no evidence of what all has been compromised.

I can't see how I was misleading in the OP. I qouted the letter and based my topic around the media reports!

Disappointing, but they were extremely quick and straightforward about it... unlike some other companies. So i'll deal.

wow even steam got compromised? and isn't steam like a 100% digital platform? that makes it even worse than when another specific company was hacked