Multiple reports are coming on concerning a serious error with the Steam Store that reveals the private information of other users.
Update: Valve has given the all clear. “Steam is back up and running without any known issues,” a Valve spokesperson told GameSpot. “As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users.”
Even though Valve “believes” that no unauthorized actions were performed, we did hear unconfirmed reports that entire credit card numbers were able to be accessed due to the glitch. As such, it may still be in your best interest to remove any stored credit card information from your account, and keep an eye on your credit card activity.
Original Story: It looks like this year’s Christmas Grinch is none other than beloved PC gaming platform Steam. Multiple reports are coming in from numerous users purchasing items from the Steam store, discovering that when they check out, the private information of a complete stranger is displayed in place of their own info. This information includes partial credit card numbers, email addresses, account balance and purchase history. The store page also appears to be randomly changing languages for users, and Steam DB is speculating that a caching error is effectively logging users in to accounts that don’t belong to them. Scary.
As an emergency measure, the Steam store has been completely taken offline to prevent any fraudulent purchases from happening, understandable considering that some unconfirmed reports are claiming that the full credit card information of users with stored credit card information is being made available to random users.
The official Steam Support Twitter has been silent on the whole matter. For now, we would recommend not using the Steam Store, even if it comes back up, removing any stored credit card information from your account, and keeping a close eye on your credit card account to make sure no suspicious purchases have occurred.
We have reached out to Valve for more information, and will endeavor to update this post if we learn anything more.
Source: reddit