Today Valve told us that their cloud-based Steam service has been compromised, and that users' personal information and credit card information could be at risk.
Here are some common questions we've been getting, and the best answers we can provide given what we know. We are monitoring the situation and have reached out to Valve for more information. We'll update as we learn more.
Wait, Valve Was Hacked?
Steam, specifically. Here's what we know.
Is my Credit Card Compromised?
valve isn't sure. According to the email we received, the hackers gained access to a database that included user names, hashed and salted passwords ("hashed and salted" means they were encrypted), game purchases, email addresses, billing addresses, and yes, encrypted credit card information.
Valve does not have evidence that the encrypted credit card numbers or personal information were actually taken by intruders, nor that the intruders have the means to crack the encryption. Valve reports that they don't have any evidence of credit card misuse at this time and are "still investigating."
When did Valve know about this?
Valve started investigating after their forums were defaced this past Sunday, November 6th. It's unclear when exactly they realised that the intruders had also gained access to a Steam database.
Who is responsible?
No one knows, and no one has claimed responsibility.
Should I change my Steam Password?
It couldn't hurt, might as well take this opportunity to change your Steam password. It's really simple—on PC, open Steam and go to "Settings" in the "Steam" menu up top. Your account information can be easily changed under the "Accounts" tab.
Should I reset all of my passwords?
This also couldn't hurt, though it's time consuming. An easy way around this (since surely this won't be the last time one of your services gets hacked) is to get a program like 1Password or lastpass and use those to regularly change all of your passwords.
Are we gonna get free games because of this?
Well, there's usually some sort of "make good" after this kind of thing happens. Sony gave away a few games after they got hacked, so it stands to reason that Valve will do something similar. That or just give everyone some rad hats.
Who cares about my credit cards and passwords. Will Skyrim still unlock tonight?
Though the Steam forums are down, Steam itself is still working fine for all of us. So, you can relax: we don't anticipate a problem with Skyrim's launch.