Valve confirms Steam security breach

[Wiggins Top Boys]

Considering we've (or some of us) have known about the steam forums hack for a while now, i find it appalling that Valve haven't really mentioned anything before now.

If it hadn't been for this forum i probably wouldn't have an idea at all, until i would've exited and restarted Steam.

Don't know how many times i've started Steam today, for various reason, but only now did i get a message on startup - 4 days after.

In my eyes that is just shockingly bad.

agreed

77 million were affected.

Sony claimed to the US House of Representatives that there was no evidence of credit card fraud as a result of the hack, but there are several news reports claiming otherwise (i.e. http://www.pcworld.com/article/226775/playstation_network_users_reporting_credit_card_fraud.html).

i can tell you 100% that people reported fradulant behaviour on their cards due to the sony incident, i guess you'd just have to guess whether it was just coincedence or not.

For me the key issue is whether or not I should even have to worry about things like these for wanting to play a non-online game like Football Manager 2012. As I've said before; by having a mandatory third-party layer between the developer and the customer, Sports Interactive and SEGA are playing a dangerous game in punishing their customers with more layers of potential problems. When Steam is working, it has no advantages for me as a customer over a traditional install. When it's not working, I'm getting punished while SI/SEGA go "well at least the game wasn't cracked early".

As Sports Interactive/SEGA made the decision to force Steam upon anyone who wish to play their game, it will reflect back on them when this third party layer has problems. Whether that's right or wrong is irrelevant, SI/SEGA should take responsibility for their choice of putting all their customers in the hands of incompetent software developers. A choice that potentially could mean that some people will have their account and credit card info stolen.

And spare me this whole "not many people are affected" - Miles used the same argument in the Steam thread that you guys finally had to close down due to it being embarrassing that the Steam decision wasn't popular. Even if it only affects ONE of us, it's too many, and something that could have been avoided by using more intelligent and creative ways of preventing piracy.

The real question here is whether or not it was WORTH preventing early cracked versions of the game, in exchange for potential credit card hacking, account theft, all the technical issues listed in the support forums, all the issues with the extra software layer on top of the game, the dependance on third party connection in order to play, etc etc.

The truth is that Steam only benefits SI/SEGA, not the customers.

well said

[roykela]

Still no message for me on loading Steam. There really should be. Not everyone who uses the Steam client uses the Steam forums or visits the homepage every day.

The message from the Steam chief all seems a bit "Oh.. by the way...", hidden away in a place where quite a few probably won't see it, and only for a 3rd party to eventually post it. Unacceptable when there is the potential for credit/bank card fraud.

Like me. I never use the Steam Forums. I'm never there.

[wild2475]

You can find it here:

http://community.sigames.com/showthread.php/274801-A-Message-On-Football-Manager-2012-Activation

No thats not the oficial Q&A that was put up by Sega when the initial Steam thread after having thousands post on it was removed entirely from the Forum.

There was a Q&A about the Steam decision, the first question was 'Why Steam' the answer was 'To combat Piracy' nothing else simple but untrue.

As per the other quote from the Sega employee, well lets be honest they do think we are all stupid don't they!

[pigfacemonkeyman]

Still no message for me on loading Steam. There really should be. Not everyone who uses the Steam client uses the Steam forums or visits the homepage every day.

The message from the Steam chief all seems a bit "Oh.. by the way...", hidden away in a place where quite a few probably won't see it, and only for a 3rd party to eventually post it. Unacceptable when there is the potential for credit/bank card fraud.

Have you checked your emails? Maybe SEGA have let all their FM12 customers know of this breach and offered some info on what it means/could mean to them, and provided some advice on what to do.

[milnerpoint]

That is the initial steam thread, its the full thing is still there to read.

[mantralux]

What, was the Steam thread deleted from the forum? I'd love to hear the reasoning behind that.

If Sports Interactive was a player in FM, their Decision attribute would be a 3, at best.

[milnerpoint]

What, was the Steam thread deleted from the forum? I'd love to hear the reasoning behind that.

If Sports Interactive was a player in FM, their Decision attribute would be a 3, at best.

No its in the link pigfacemonkeyman posted!!!!

[tigerhgrrrrrr]

Damn, Sony, Codemasters, Sega, Valve etc.

It's frustrating you guys blame the likes of SI for this; or even Valve. It's those ******* hackers we should be going after. The games industry needs to hire its own hackers to strike back.

This post annoys me. The hackers (and possibly career criminals) have may have my credit card details. The only reason they had access to them is because SI made Steam 100% the gateway to the game and suggested that was the best place to buy the game to get best product support. Am gutted! Buy disc, put disk in PC, play game - I dont see how hackers can beak into that cycle to be honest. As soon as you use the net security is NEVER 100%, simple effin as!!!!! GRRRRRRR!

This incompetance has pushed the debate way past the "it stops piracy" BS.

[Guest]

This post annoys me. The hackers (and possibly career criminals) have may have my credit card details. The only reason they had access to them is because SI made Steam 100% the gateway to the game and suggested that was the best place to buy the game to get best product support. Am gutted! Buy disc, put disk in PC, play game - I dont see how hackers can beak into that cycle to be honest. As soon as you use the net security is NEVER 100%, simple effin as!!!!! GRRRRRRR!

This incompetance has pushed the debate way past the "it stops piracy" BS.

Attempt to increase profitability at the expense of consumer security, it is a fine commercial balancing act that is generally weighted against the consumer.

[bigdunk]

i can tell you 100% that people reported fradulant behaviour on their cards due to the sony incident' date=' i guess you'd just have to guess whether it was just coincedence or not.

[/quote']

Posts like this really really annoy me. You've quoted an article that says the Sony/credit card fraud link is almost certainly coincidental, and then stated that it's 100% related. Before claiming it's up to us to decide whether it's coincidental or not. If you take a random sample of 77 million people, it's almost certain that some group of them will be subject to credit card fraud in the next few months.

With the amount of mistruths, misinformation, distortions of the truth and downright lies in threads like this, it's no wonder they get closed.

[Dave9ffc]

Kriss

Moderator

As this really isn't anything to do with FM (until such time as actual accounts get hacked) and people are so damned argumentative

Closed.

Posted on the original Steam hacked thread a couple of days ago, funny how SI still haven't commented publicly on the Forums or anywhere even after proof is out that accounts have been hacked and this database is compromised. However it really isn't anything to do with FM of course...

Except you guys forced us to use Steam

[tigerhgrrrrrr]

Well I doubt they'll get as many sign ups today as they would on a normal day:) of course it will impact initially, but they'll recover ground over time just as Sony etc did.

The key issue is whether or not anybody suffers any direct damage from this, I think it unlikely but we'll not know that for a while.

Kriss, Im trying to be calm about this. So my credit card details may now be with career criminals. What preventitive measures do we need to take? I appreciate there is no evidence of credit cards being abused because of this, but initially there was no evidence that this issue stretched beyond the Steam Forums!, at look how that turned out. I think SI owe it to us to give some good official advice at this stage.

Im really peed off about this. My attitude went from anti-Steam to Steam tolerant to Pro-Steam (release day was an activation breeze for me) to now worrying about getting "robbed"

Thanks

[milnerpoint]

As i dont have a PS3 ill ask this question, did ALL game manufactures that make PS3 games issue a statement when the PSN was hacked?

If not were you as angry with them as you appear to be with SI and SEGA?

[milnerpoint]

Kriss, Im trying to be calm about this. So my credit card details may now be with career criminals. What preventitive measures do we need to take? I appreciate there is no evidence of credit cards being abused because of this, but initially there was no evidence that this issue stretched beyond the Steam Forums!, at look how that turned out. I think SI owe it to us to give some good official advice at this stage.

Im really peed off about this. My attitude went from anti-Steam to Steam tolerant to Pro-Steam (release day was an activation breeze for me) to now worrying about getting "robbed"

Thanks

If your really worried phone your bank right now, they will cancel that card and thats the end of it, no more risk to you with the details the crimials MAY have.

[Wiggins Top Boys]

Posts like this really really annoy me. You've quoted an article that says the Sony/credit card fraud link is almost certainly coincidental, and then stated that it's 100% related. Before claiming it's up to us to decide whether it's coincidental or not. If you take a random sample of 77 million people, it's almost certain that some group of them will be subject to credit card fraud in the next few months.

With the amount of mistruths, misinformation, distortions of the truth and downright lies in threads like this, it's no wonder they get closed.

err no i haven't quoted any article... sorry i was quoting the post above to put context in to what i was saying (so that it was obvious i was referencing the soiny debate)

i've said that 100% people have phoned up their bank claiming fraudulant behaviour on their cards due to the Sony incident. i know this due people i know working in fraud departments for banks.

the second part was simply a suggestion that perhaps these incidents were coincedences. how would a customer know for that the fraudulent activity was definitely due to the sony incident?

sod off, nobber. looks like someone needs to calm down

[YAY]

As i dont have a PS3 ill ask this question, did ALL game manufactures that make PS3 games issue a statement when the PSN was hacked?

If not were you as angry with them as you appear to be with SI and SEGA?

Why would they need to do that? Games on PS3 do not require you to use PSN to play them. FM12 does require you to use and sign up to Steam, its not an option like PSN is.

[bigdunk]

This post annoys me. The hackers (and possibly career criminals) have may have my credit card details. The only reason they had access to them is because SI made Steam 100% the gateway to the game and suggested that was the best place to buy the game to get best product support. Am gutted! Buy disc, put disk in PC, play game - I dont see how hackers can beak into that cycle to be honest. As soon as you use the net security is NEVER 100%, simple effin as!!!!! GRRRRRRR!

This incompetance has pushed the debate way past the "it stops piracy" BS.

If you bought the game from Amazon/Play/whoever then there's you way in for hackers as Amazon hold your details (if you allow them) in the same way Steam do. If you buy it from a shop, there's risks with handing your credit card over, or with the transmission from the card terminal being intercepted. If you take cash out of cash machine then there's risks with people modding cash machines to clone cards and so on. Wherever you use a credit card there's risks involved. Unless youn want to keep your money in a shoebox under your bed, of course. But then there's always the chance that someone will break in...

[Sengkang]

I'm intrigued that there is no sign of this news on Steam's homepage nor Valve's homepage - it should be there smack bang in the middle to draw attention.

I also agree that all Steam passwords should be reset - you have to assume that everything has been compromised (or that it's only a matter of time before they are). I guess money means more to them than security...

What is the point in a new password when they cold hack into it anyway?

[tigerhgrrrrrr]

If your really worried phone your bank right now, they will cancel that card and thats the end of it, no more risk to you with the details the crimials MAY have.

Yep and this is what I am now pondering as the best move right now, hence my polite request for proper official advice. SI owe us that. This is right now another one of those "easter 'kin eggs" that Miles smuggly said the game contained. Not chuffed!

[anagain]

Still amused that Steam's homepage makes no mention of the hacking incident, but does push a Skyrim promotion...

I think it's pretty well advertised that it happened and any member signing in will get a window with the message from Gabe. Why do they need to stick a big, meaty information banner on their sales page? They're in the business to make bucks and the business needs to go on. The battle to beat hackers will go on behind the scenes.

As for amusing, well I know people dislike Steam but come on.

Perhaps there is an argument that they should email all accounts and explain the situation, but how do you know that's not planned? It was a while before I got any emails from Sony when they're service was intruded upon.

[Guest]

If your really worried phone your bank right now, they will cancel that card and thats the end of it, no more risk to you with the details the crimials MAY have.

This^^

Such a simple solution, personally I would not have any grave concerns about card details.

The group who allegedly hack Steam were doing so for scene kudos rather than criminally financial gain (although that could change), in the main hacker groups who garner publicity like this do so for kicks & gaining access to financial information is the easiest way to get noticed as the company targeted will have a responsibility to go public with the security breach.

Criminal groups find it much easier to compromise an individual PC by tricking the user into installing malicious software or by simply giving up their card information freely.

[pigfacemonkeyman]

If you bought the game from Amazon/Play/whoever then there's you way in for hackers as Amazon hold your details (if you allow them) in the same way Steam do. If you buy it from a shop, there's risks with handing your credit card over, or with the transmission from the card terminal being intercepted. If you take cash out of cash machine then there's risks with people modding cash machines to clone cards and so on. Wherever you use a credit card there's risks involved. Unless youn want to keep your money in a shoebox under your bed, of course. But then there's always the chance that someone will break in...

Yes, but this thread is concerned with the break in at Steam/Valve.

[tigerhgrrrrrr]

If you bought the game from Amazon/Play/whoever then there's you way in for hackers as Amazon hold your details (if you allow them) in the same way Steam do. If you buy it from a shop, there's risks with handing your credit card over, or with the transmission from the card terminal being intercepted. If you take cash out of cash machine then there's risks with people modding cash machines to clone cards and so on. Wherever you use a credit card there's risks involved. Unless youn want to keep your money in a shoebox under your bed, of course. But then there's always the chance that someone will break in...

..and if I paid cash your post was pointless in the extreme. Especially as I check for sinister tamperings with cash machines (they are spottable). I did not carry out a full security audit & risk assessment on Steam though when I signed up - basic schoolboy error, more fool me!

[Welbeck19]

People have very short memories, it wasn't so long ago that these very forums were down due to a hacker attack on the sega pass system. As someone said above if you use a card at all for any transaction online or offline there is a chance it could be compromised.

[wild2475]

If you bought the game from Amazon/Play/whoever then there's you way in for hackers as Amazon hold your details (if you allow them) in the same way Steam do. If you buy it from a shop, there's risks with handing your credit card over, or with the transmission from the card terminal being intercepted. If you take cash out of cash machine then there's risks with people modding cash machines to clone cards and so on. Wherever you use a credit card there's risks involved. Unless youn want to keep your money in a shoebox under your bed, of course. But then there's always the chance that someone will break in...

You can request that companies don't store your account details.

You can use a differentcash machine if you are worried about security or a cash machine inside in a well lit bank with security cameras.

You can shop around and use what companies you trust for purchases.

For FM12 there is a monopoly, Steam and sign up for an account with them and use it constantly to play the game or nothing.

So when Steam does get hacked and it was always going to be targeted as legitimate by some people, then the people forced to use Steam only (or not buy the game) are the ones that feel hard done by.

[milnerpoint]

Yes, but this thread is concerned with the break in at Steam/Valve.

The original point was it is impossible to steal anything from someone when all they have to do is buy a disk, clearly thats not the case.

[milnerpoint]

Yep and this is what I am now pondering as the best move right now, hence my polite request for proper official advice. SI owe us that. This is right now another one of those "easter 'kin eggs" that Miles smuggly said the game contained. Not chuffed!

Well if your really bothered a quick 2 minute phone call and its sorted, you are no longer at any risk and for future you can decide to keep your card details more private, there are many other options for buying stuff online.

[Crispypaul]

Yep and this is what I am now pondering as the best move right now, hence my polite request for proper official advice. SI owe us that. This is right now another one of those "easter 'kin eggs" that Miles smuggly said the game contained. Not chuffed!

PayPal? You can use that on a lot of sites and probably Steam I guess.

It's never going to be possible to have 100% protection in this day and age.

[TeeWee]

The reaction of Valve on this incident is in my opinion very inadequate. It's a security announcement on a breach that has occured 5 days ago. This is, in security terms, quite long. Reputations and companies can be damaged in irreperable ways. Though it is entirely possible that Valve believed that breach consisted of defacing only and have just discovered that the breach included the customer database.

Managing breaches means managing the trust of the public. This means that the measures taken must instill the trust that Valve is handling the breach adequately. On a breach you always have to see what has been compromised and assume Bad Things. A playing down of consequences sounds too much like a cover up or at best, wishful thinking. Security cannot be built on these attitudes.

I'd expect mails to registered email addresses to change passwords. I'd expect mandatory password changes. I'd expect a message on the shop-site (it is completely absent there! And users can buy games using a compromised account from the shop). With compromised customer data, even a temporary shutdown of service is justifiable.

Because the worst thing that can happen to Steam is not "Oh, sorry for the inconvenience of the password change, the hackers actually got less data than we thought"; the worst thing that can happen is "Oh, ehm... Yes, the hackers have managed to crack your password, CC# and billing adresses. And managed to add an extra billing item on the paypal request because we left the shop open... But we thought closing the shop and forcing you to change a password was overreacting".

[nessi]

I'm just glad that I decided not to buy FM12 (exclusively due to steam), going through all this only to play ONE video game would have been unacceptable to me.

All I want to say to SI people is: please read mantralux's post (page 1) and take a moment to think and reflect about future decisions.

[Kriss]

Yep and this is what I am now pondering as the best move right now, hence my polite request for proper official advice. SI owe us that. This is right now another one of those "easter 'kin eggs" that Miles smuggly said the game contained. Not chuffed!

Advice from SI on worries aboutyour credit card? you do what I just did (I have a debit card only) I popped into my bank and explained what has happened, they said although it's very unlikely that my account was at any risk we'd just extend the existing system (any online purchases I make in foreign currency require me to authorise via the bank website with a user name and password known only to me) to include all online purchases for the next 3 months.

If it's a credit card contact your CC company and take their advice.

If the hackers did get enough info to use your card details it'll still only be for online purchases (they can't go to a cash machine and draw cash)

If you want 100% insurance cancel your card (inconvenient maybe but peace of mind)

Edit, am I right in thinking you're protected against fraud on your credit card anyway?

[AZBruntsfield]

Probably sheer chance, but I had massive problems with Steam on the morning of the 7th November, had to spend a couple of hours reinstalling both Steam and FM before I could get FM working. As I said, just coincidence.

I think a swift password change when I get home is in order.

[anagain]

I'm just glad that I decided not to buy FM12 (exclusively due to steam), going through all this only to play ONE video game would have been unacceptable to me.

All I want to say to SI people is: please read mantralux's post (page 1) and take a moment to think and reflect about future decisions.

I'm not sure his post contains anything that SI/sega wouldn't have thought about when making the decision. I'm 100% they weighed up all the pros and cons before they chose the Steam route. There's also the fact that Mantralux's post isn't entirely accurate.

For one, there's no guarantee that any other form of DRM wouldn't have had an effect on customers, much like the DRM used on FM09 did.

Two, SI/Sega have detailed that it is piracy before the game is released that has the biggest effect on sales and development of future editions of the game, so Steam will have benefitted them massively there. That in turn benefits the user because there are more resources to plough in to next years title.

Three, Valve are far from incompetent software programmers. I hardly think this relatively small breach makes them look like part timers in their mother's basement. They have some of the best selling titles on the market and are world reknowned game developers. Steam is a quality platform, but the likes of the Sony breach have shown that this hacking disease can happen to anyone. The whole of internet security needs to tighten up.

You have a massive misunderstanding of the whole background to the Steam debate, Nessi.

[x42bn6]

What is the point in a new password when they cold hack into it anyway?

Presumably, they will patch the flaw before changing the passwords...

[Kriss]

the likes of the Sony breach have shown that this hacking disease can happen to anyone. The whole of internet security needs to tighten up.QUOTE]

Well Murphy's law made it absolutely certain something would happen with Steam just to give the (ill informed and deliberately inaccurate in general) Steam bashers some ammo:D

Fact is there aren't many systems of note that haven't been hacked in some way, including NASA, the US Defence Department, The Health Service to name but some.

[Loversleaper]

I can't believe the ideology that people are just jumping onto some anti-steam bandwagon for the sake of it. They must be blissfully numb to the potential hazard we are all vunerable to, just forget all the legitimate concerns that were brought forth since this horrible decision made by Sega/SI. What now, are we to say this is just fine and dandy because some kid somewhere is going to get a 75% discount on some Sim2 game? You got to be kidding me, now we all got to contact our banks and change passwords everytime something stupid like this happens?

We were in the dark about what happened for a number of days, we can all just sit back and now guess if our purchased games have been compromised or will/can be in the future. What a load of horse-manure....

[Kriss]

I can't believe the ideology that people are just jumping onto some anti-steam bandwagon for the sake of it. They must be blissfully numb to the potential hazard we are all vunerable to, just forget all the legitimate concerns that were brought forth since this horrible decision made by Sega/SI. What now, are we to say this is just fine and dandy because some kid somewhere is going to get a 75% discount on some Sim2 game? You got to be kidding me, now we all got to contact our banks and change passwords everytime something stupid like this happens?

We were in the dark about what happened for a number of days, we can all just sit back and now guess if our purchased games have been compromised or will/can be in the future. What a load of horse-manure....

Actually as far as I'm concerned the system works, there was a brief window where possibly (no proof yet that it's so) some details were compromised, I've now made changes so they aren't.

For each individual this is no worse than losing your credit card, sure it's a pain having to do the necessary but once done your security is restored.

[nessi]

You have a massive misunderstanding of the whole background to the Steam debate, Nessi.

No. This is your opinion, and mine (and other people's) happens to be different. I'm not even bothering discussing with someone who starts a "dialogue" with this attitude.

[Loversleaper]

Actually as far as I'm concerned the system works, there was a brief window where possibly (no proof yet that it's so) some details were compromised, I've now made changes so they aren't.

For each individual this is no worse than losing your credit card, sure it's a pain having to do the necessary but once done your security is restored.

Yeah, but what are the chances that we are all going to have to go through this whole song and dance again (in your mind)?

[Kriss]

Yeah, but what are the chances that we are all going to have to go through this whole song and dance again (in your mind)?

Of course that's possible, as is the possibility your email account or ISP account or Amazon details (or any other place you bought online) etc, etc will be hacked tomorrow, that's if your car doesn't get stolen today (with your laptop in it) your house broken into tonight and your rare breed of dog kidnapped while you're distracted by somebody mugging your wife:D

[siambluebird]

I no way wish this happened. It amazes me that people who pointed out that Steams flaws would stop them buying the game (including privacy)were shooed away on a previous thread. Two or three posters (some appearing again on this thread) seemed to delight in calling those against steam as paranoid and dinosaurs with their little jokes. Now some are still saying that this concern is still no real issue! Some people will do anything to defend these powerful companies, as if the company cares anything about them. It amazes me that being told to cancel your card is "all you have to do". I know there are two sides to every debate, but one side looks far more responsible and realistic than the other.

[pigfacemonkeyman]

the likes of the Sony breach have shown that this hacking disease can happen to anyone. The whole of internet security needs to tighten up.QUOTE]

Well Murphy's law made it absolutely certain something would happen with Steam just to give the (ill informed and deliberately inaccurate in general) Steam bashers some ammo:D

Fact is there aren't many systems of note that haven't been hacked in some way, including NASA, the US Defence Department, The Health Service to name but some.

Nothing worse than a reformed Steam basher, eh Kriss!

[quaazi]

Your happy Steam has been hacked and people's private details are at risk? Strange way of looking at things, hopefully your house never gets broken into, or anyone steals any of your private information in the future.

Oh! But dear me, dear me, I was under the impression that everything is fine! Or that's at least what the official response is. Keep calm and carry on, right?

So sure, I'm happy. Because noone is harmed by this. Right?

Because if someone's credit card info is actually stolen, then I'm sure our beloved decisionmakers would have a lot more problems than mere ol' me.

[Kriss]

Nothing worse than a reformed Steam basher, eh Kriss!

I'll be perfectly honest here, I've played FM12 uninterrupted from the day I got it, that could just be because when I knew Steam was to be the only option I bothered to go on the Steam site and forums and make sure I wasn't likely to suffer from any known problems while at the same time ensuring I knew what it entailed.

That doesn't excuse the fact that Steam did get something wrong with at least one of the patches and I'm bloody annoyed they did because SI need the Steam experiment to succeed.

It also doesn't help the Mac users who suffered (as they do with almost every Windows app) I really do have sympathy for them but it's the nature of that particulat beast I'm afraid.

[Lawlore]

Having previously been called "paranoid" and a "tin-hat conspiracy theorist" when explaining my choice of not buying FM12 due to Steam, I would like to underline that I take no joy in the current situation and hope everyone's details are found to be secure. I find some of the twisting people are doing in this thread in order to make their point- on BOTH pro and anti sides of the argument- remarkable.

Personally, I am more concerned with where this puts SI & Sega. They're in a really difficult position, but I do feel that their lack of statement reflects poorly on them.

Had FM12 not been Steam-only, nobody would have a valid argument that SI or Sega should do or say anything about it- they would have every right to direct people's complaints and problems to Valve. It's not an FM12 problem, and, in fairness, I highly doubt SI know a great deal more about the current situation than anyone else. It would fall entirely on Valve's shoulders, and Valve's public image. That's not the case. The decision was taken to exclusively use Steam, so Steam is now an essential part of FM12. In taking that decision, SI told its customer base to trust Valve- particularly those who had never used it before for whatever reason and may have required some convincing. Some didn't, many did. However, in asking for that trust, the other side of that coin is that they must also take a share- not necessarily the lion's share, but a share nonetheless- of responsibility when that trust is broken. The simple fact is that if FM12 weren't Steam-only, a portion of unknown size of its userbase would not have to worry about being affected by this situation at all. For that reason, for their own good, SI need to come out, hold their hands up and acknowledge that.

[lukekarts]

I'll echo that, though maybe not the fighting back with hackers. The world does need to get on top of all this hacking malarkey. I think that is something we'll all agree on.

I should have elaborated further - hiring hackers to understand more about flaws in the system so they can make them more secure. And of course to put tools in place to track these hackers.

[anagain]

Well Murphy's law made it absolutely certain something would happen with Steam just to give the (ill informed and deliberately inaccurate in general) Steam bashers some ammo:D

Fact is there aren't many systems of note that haven't been hacked in some way, including NASA, the US Defence Department, The Health Service to name but some.

Aye, it's what they do when they're hacked that matters. I'm sure Valve have everything in hand. I'm sure we've never been safer when it comes to online fraud too. I have been checking up on my bank's measure today. They constantly monitor transactions on my account and will refund misuse of my account. I feel safe enough without having to cancel cards.

[anagain]

I should have elaborated further - hiring hackers to understand more about flaws in the system so they can make them more secure. And of course to put tools in place to track these hackers.

Well there is an excellent article in the latest edition of PC Gamer about how a Taiwanese gaming company, Gamania, have a reformed hacker working for them. They go in to how these hacking 'companies' work and what they target. It's big business really. The people that can combat it best are those that were part of it...I suspect.

[pigfacemonkeyman]

Aye, it's what they do when they're hacked that matters. I'm sure Valve have everything in hand. I'm sure we've never been safer when it comes to online fraud too. I have been checking up on my bank's measure today. They constantly monitor transactions on my account and will refund misuse of my account. I feel safe enough without having to cancel cards.

If you are so sure of Valve, why bother checking with your bank?

[anagain]

If you are so sure of Valve, why bother checking with your bank?

Because online security is my task. The hacking of Steam isn't the only way that I can become a victim of fraud. Just another attempt has made me think about it all a bit more again. I trust these companies to do their bit to aid my security, but like Kriss said, even the biggest organisations can be hacked.