Valve had stepped forward to provide an explanation concerning the Christmas Day snafu, where it involved Steam users being greeted by information concerning other Steam users upon logging in. Of course, I am quite sure that not everyone is going to be too happy with their explanation, with very good reasons as well as it should not even have happened in the first place, but it looks like the denial-of-service (DoS) attack has more numbers to cough up – approximately 34,000 users were said to have been the number of people whom have had their personal information revealed, no thanks to what Valve calls a “configuration error”.
Valve also shared, “The content of these requests varied by page, but some pages included a Steam user’s billing address, the last four digits of their Steam Guard phone number, their purchase history, the last two digits of their credit card number, and/or their email address. These cached requests did not include full credit card numbers, user passwords, or enough data to allow logging in as or completing a transaction as another user.”
Hopefully everyone will be able to have a jolly new year and put this behind them, and as usual, there is no way that something can be 100% secure even in the digital era, and this is why best practices are always in place.
Filed in Steam (Valve) and Valve. Source: zdnet
. Read more about