Steam security error leaves personal information exposed

Steam’s store has been pulled offline after a major security error exposed thousands of users’ personal information.


Anyone logging in to Steam this evening, Christmas Day, was greeted with account details for other users’ accounts instead of their own.

Usernames and PayPal email addresses were visible, along with purchase histories and other private information.

Thankfully, no new purchases could be made – despite users being able to see the amount of funds in another users’ Steam wallet, as well as censored information on linked credit cards such as the last few digits. Account details could not be changed, either.

But the information linked to accounts could still be used to compromise other services.

Eurogamer readers have provided evidence of being able to view dozens of other users, with accounts served up at random as they refreshed the store pages.

We’ve also seen account details of people who were using the service’s Steam Guard and Mobile Authenticator methods of protection – which did not stop the information being shown.

At present it appears to been a caching error on Valve’s part, which ended up serving the wrong pages to the wrong people.

Valve has yet to comment on the matter. Steam’s help desk is also offline.


Merry Christmas.

Source link

About Game News Today

I'm a true gamer. I'm not a pro gamer but ill never stop playing games. My choice of console is PlayStation, but each to their own. I unfortunately do not get as much time as i would like to still play games, but when i do, i love it!

Check Also

The Frontier goes offline after modder accused of sharing “animated paedophilic content” •

It’s one of the biggest Fallout: New Vegas mods of all time, but Fallout: The …

Leave a Reply

Your email address will not be published. Required fields are marked *