Valve releases a statement to its users explaining the problem

Nov 11, 2011 07:28 GMT  ·  By

Valve has released an official statement concerning its ongoing problems with its forums, saying that its whole Steam service has been hacked, with cyber-attackers gaining access to a database that contained user names, encrypted passwords, email addresses and possibly credit card information. 

Steam is the most popular digital distribution service available on the PC and Mac, with Valve getting its users accustomed to top notch quality and delivery of digital goods, while keeping their accounts safe through systems like Steam Guard.

Sadly, it seems that while Steam itself was well protected, the Steam forums weren't that efficient, as earlier this week a group of hackers defaced the forums, putting their own messages on it, fact which prompted Valve to take the whole system down.

The company has now issued a statement on the matter, revealing that the cyber attack was much more than just a way to mess around with the Steam forums, as the hackers got away with a big database filled with all sorts of information.

"We learned that intruders obtained access to a Steam database in addition to the forums," said Gabe Newell, CEO of Valve in an open letter to all Steam users. "This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information.

"We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating."

While Steam users shouldn't freak out about their credit cars falling into the wrong hands, Newell advises them to monitor their credit card activity in the next few weeks.

"We don't have evidence of credit card misuse at this time," he said. "Nonetheless you should watch your credit card activity and statements closely."

While just a small number of forum accounts were compromised, according to Valve, all users will be required to change their passwords the next time they login. If you used the same data on the forums as you did on Steam, you should change your password as well.

"We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn't be a bad idea to change that as well, especially if it is the same as your Steam forum account password."

Newell confirms that the forums will be reopened as soon as possible, and once again apologizes for this issue, saying that, "I am truly sorry this happened, and I apologize for the inconvenience."