News Steam forum and database hacked

I've got Steam Guard but I still changed everything, is there such a thing as being too paraniod with online security?

I sometimes get the feeling that a lot of these hacks are out to find easy to crack security settings and are just a modern equivilent of smash and grab raids. Basically in and out quick grab what you can, take whats easy to get and move on to the next one.

 

^^You can never be too paranoid. I'm changing most of my important account passwords.

 

Well I've changed my steam password, even though I've never used their forums.

It'll be interesting to know how much of their data (or our data) they encrypt.

 

The sensible thing is to change your password, but am I right in assuming they don't appear to have the passwords for our accounts? (as they are hashed and salted?)

 

This, ladies and gentlemen, is why when systems like Origin pop up and want to nose through your PC, you need to be suspicious. Because everybody gets hacked, and when they do, everything they have to suddenly shared with the world.

 

Damn. I'm not happy at the thought people have got my name and billing address. Thankfully the linked Paypal account uses a very different password. In the past I've already had someone try to claim working tax credits in my name, twice. Thank you government for losing my information -.-

I better pootle off and change my Steam password then.

Edit: Changed my Paypal password as well.

 

Well, you all seem a pretty decent bunch of chaps so I don't mind telling you all that I changed my American Express Gold Account password to 'Damn, I fell for that one'.

P.S.

Don't tell anyone o.k.

 

When buying things off steam, there is also an option to 'store your details' to make your next purchase quicker. UNTICK that checkbox. It is a pain in the *** to enter your details each time you make a purchase but it's probably the safer option, you should then have less of an issue.

 

Should people that use Paypal to buy things off steam be concerned? Since Steam doesn't have our credit card details?

 

Aw s**t. Now I have to change most of my passwords.

m'eh.

 

and i would probably spend less money too....

 

Steam will not let me change my password, its says 'Steam is unavailable to change passwords at this time'

lol

 

I never let any company store my credit/debit card details and as I am more active these days on more sites needing better passwords I plan to use KeePass to store them for me so I then only have one master password to remember that way the rest of my passwords can be made up of anything as I will not have to remember them.

For those that might want a better idea of password security take a look over at Steve Gibson's site:
https://www.grc.com/haystack.htm
and
https://www.grc.com/passwords.htm

I use the Ultra High Security Password Generator for my Wifi Keys

 

password generators like that, however secure they may be, always remind me of this:

 

i have a change my pasword just in case and my cedit cards as well got my new 1 today

 

debit cards to?....why would steam record the card numbers though? can you add your credit/debit card details to steam as with paypal?

 

Its not that big a deal really, with Steamguard on someone cannot access your steam account without also having access to your Email (and I use google two factor auth with their smartphone app for that so they'd need my phone physically as well as my password, and the unlock code for my phone), and the credit card details are encrypted at 256 bit AES which is very very hard to break, even if they have the Salt. You're talking potentially thousands of years of CPU time to break it.

Plus Valve doesn't store your cards security numbers on the back of your cards (CVV code), additionally they'd have to bypass Visa/Mastercard security as well, plus your banks fraud protection.

Really Valves security and response in regards to this has been second to none, and things couldn't be much more secure. Steamguard, and the encrypted details mean that theres very little to worry about, I've requested new cards from my bank just as a precaution/best practice but other than that theres nothing really much to worry about. Unlike when Sony kept credit card information with user information in plain text.

- edit: Yes Denis_iii you can chose for steam to remember your details, or not. Again :best practice:.

- PS I do a lot of work in IT security, nothing is 100% secure, but Valves precautionary measures have been :best practice: and you cannot ask for more really.

 

I just had to request a new debit card after having lost my current one... perfect timing.

 

I don't even care. The odds of me being affected by this are so slim, I'm not even worried.

I wasn't scared of driving under bridges. One "fell" on me and I'm not dead.


You guys, I'm invincible. Nothing can harm me. Nothing bad can happen to me

Okay, my debit card was cloned TWICE BUT nothing bad happened. Invincible

 

no