Latest in Gaming

Image credit:

Steam's Christmas privacy issues affected 34,000 users

The Steam Store was the victim of a DoS attack on December 25th, leading to a privacy breach.
Jessica Conditt, @JessConditt
December 30, 2015
Share
Tweet
Share

Sponsored Links

On Christmas day, up to 34,000 Steam members were able to view other users' private information, including billing and email addresses, following a glitch triggered by a denial-of-service attack, Valve announced today. On the day of the attack, Valve said that the glitch was the result of a caching issue, and that users were able to view strangers' information, though they couldn't take action on other people's accounts. Valve's update today clarifies the caching issue, attributing it to the DoS attack.

"In response to this specific attack, caching rules managed by a Steam web caching partner were deployed in order to both minimize the impact on Steam Store servers and continue to route legitimate user traffic," Valve writes. "During the second wave of this attack, a second caching configuration was deployed that incorrectly cached web traffic for authenticated users. This configuration error resulted in some users seeing Steam Store responses which were generated for other users."

The bug was live from 11:50AM PST to 1:20PM PST and affected only users browsing the Steam Store at that time. If you didn't access your own private information on Steam during this window, you're fine. Valve is working to identify users whose information may have been compromised and promises to contact them.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

MIT tests autonomous 'Roboat' that can carry two passengers

MIT tests autonomous 'Roboat' that can carry two passengers

View
NASA will try to stow away its leaking asteroid sample tomorrow

NASA will try to stow away its leaking asteroid sample tomorrow

View
Microsoft's 'Mandalorian' Xbox controller will set you back $160

Microsoft's 'Mandalorian' Xbox controller will set you back $160

View
Samsung, Stanford make a 10,000PPI display that could lead to 'flawless' VR

Samsung, Stanford make a 10,000PPI display that could lead to 'flawless' VR

View
Xbox Series X and Series S walkthrough is a day-one primer

Xbox Series X and Series S walkthrough is a day-one primer

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr