Steam database compromised, what now?

Check this e-mail from Gabe:

IMeWI

Edit: It turns out it’s probably fake but we’ll see:

 

No votes yet.
Please wait...

stranded

I run this place! :D

This Post Has 15 Comments

  1. 0cube

    @hunshiki Where i live its illegal to store the CSC/CVC number and i assume that this applies to any country with a half decent law-situation. Even if they get past the encryption, they still need that code.
    I am not sure about the following: will the card get locked if you enter this code falsely a number of times? I so, then i think the chance is even slimmer of them misusing the CC

    No votes yet.
    Please wait...
  2. hunshiki

    Oh I got so many downvotes. :(

    No votes yet.
    Please wait...
  3. popovich

    So ultimately, I WAS right about no free stuff policy. lol
    I hate being right. >.<

    No votes yet.
    Please wait...
  4. hunshiki

    I don’t know the exact organization who did the cracking. It was a guy’s TrueCrypt container or encrypted drive.

    Anyway, I have switched passwords on my accounts. BUT. What happens if I won’t have a computer (which is mine) nearby? I’m literally doomed. I cannot access any account of mine.

    What about the bank account? I DON’T KNOW.
    What does one need to use my card? Usually the card number and the CSC/CVC.

    I gave both of them to Steam. Aand I can’t get a new card, unless I pay some money to the bank and I’ll have to wait for a while until I get a new card.

    Let’s see if it’s a stronger security enabled site. It needs your location. Dang, you gave out that one too. What now? Should I move to my neighbour, change my address, get a new card?

    Seriously, bank cards and security … ridiculous. (They just don’t stand a chance nowadays.)

    No votes yet.
    Please wait...
  5. popovich

    Hey, the forum is back online! :)

    No votes yet.
    Please wait...
  6. popovich

    Btw, CIA doesn’t do cryptography. as far as I know.
    That’s the job of NSA.

    No votes yet.
    Please wait...
  7. popovich

    @hunshiki
    Well, it wouldn’t be THAT hard. All you need is to compartmentalize, really.
    Split the work into several parts and give it several people to work on.
    Several well chosen people, several countries, several farms, you get the picture.
    If they could do this, I can’t imagine why they couldn’t organize themselves in such a fashion.
    We are talking about a possible “gold mine” here, they would definitely see it that way. so it would be worth the effort. Whether they could open that mine and hit the mother load or not, is another matter altogether.
    Again, we could all speculate on this topic, but it would be wrong to be absolutely certain of either outcome.
    That’s the bottom line I wanted to convey.
    I’m sure you would agree.

    No votes yet.
    Please wait...
  8. hunshiki

    By the way. One problem with passwords: If you use a normal password, you can always remember it. You can use it everywhere with ease. BUT if someone steals it, you are done.

    If you use random passwords, you need a software to manage them. Like Keepass.
    It’s cool as long as you work on your own PC, laptop. But sometime ago I had to check a password of mine, I was away from my computer…. yepp, sh.t just got real. :(

    (Maybe I should get a smartphone…)

    No votes yet.
    Please wait...
  9. hunshiki

    @popovich – They would need a pretty huge farm. And a lot of time. Even CIA have a hard time cracking one password with AES.

    @m!nus – What keys? o.O Password? I use random passwords since the WineDB breach. (Lucky thing, my users got deleted before the breach happened. I always made a user, but never used the site.)

    No votes yet.
    Please wait...
  10. m!nus

    @hunshiki: What tells you they didn’t obtain the keys when breaking into valve’s servers?

    No votes yet.
    Please wait...
  11. popovich

    Btw, it seems I have been wrong regarding the possibility of Valve handing out free games. My bad.
    Can’t wait for my free copies of Portal 2 and Dota 2 hehe :)

    No votes yet.
    Please wait...
  12. popovich

    @hunshiki
    Actually, all one needs is access to a computer farm or a Cray for a few days and voila! :)
    It’s not like we don’t have those, and considering the knowledge needed for a breach like this, it wouldn’t be too far fetched to assume some (or all) of them have been educated in the field with the possibility to access such resources.
    Of course, this is just a speculation. AES256 is pretty damn tight algorithm, but hey, there’s a first time for everything. :)

    No votes yet.
    Please wait...
  13. comscier

    ~~hunshiki

    agree~~ if they manage to crack it, then your CC would be their official legit prize.
    ^.^

    No votes yet.
    Please wait...
  14. stranded

    :D

    No votes yet.
    Please wait...
  15. hunshiki

    Okay, I don’t worry about my data anymore. If anyone manages to crack AES256 before I die, he deserves to use my card.

    No votes yet.
    Please wait...

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.