Valve confirms this week's security breach potentially exposed encrypted credit card numbers, passwords, addresses, more.
Hacking activities have been the story of the year within the game industry, and the latest victim is Portal creator Valve Corporation. On Sunday, the Washington-based game company's message forums for its digital distribution platform Steam were infiltrated by a hacker collective. It now appears as if the culprits accomplished more than just vandalizing the website.
In a message sent to Steam users and forum-goers today, Valve managing director Gabe Newell said that the hacker group gained access to the Steam database in addition to its forums. In so doing, the individuals involved had access to various pieces of information, including "user names, hashed and salted passwords, game purchases, email addresses, billing addresses, and encrypted credit card information."
Newell said that the company currently has no indication that the intruders took any of the encrypted credit card numbers or personal identifying information. He also said there is no evidence that encrypted credit card numbers or passwords had been cracked. However, Valve is still investigating the attack.
As a result of the security breach, Newell said that all forum users will be required to change their passwords the next time they log in to the message boards. However, as it does not appear as if any Steam accounts were compromised, Newell said that it will only be advisable, and not mandatory, to change these passwords.
Currently, the Steam forums are offline. Valve plans to reopen them "as soon as we can."