Check this e-mail from Gabe:
Edit: It turns out it’s probably fake but we’ll see:
Steam database compromised, what now?
Comments
15 responses to “Steam database compromised, what now?”
-
@hunshiki Where i live its illegal to store the CSC/CVC number and i assume that this applies to any country with a half decent law-situation. Even if they get past the encryption, they still need that code.
I am not sure about the following: will the card get locked if you enter this code falsely a number of times? I so, then i think the chance is even slimmer of them misusing the CC -
Oh I got so many downvotes. :(
-
So ultimately, I WAS right about no free stuff policy. lol
I hate being right. >.< -
I don’t know the exact organization who did the cracking. It was a guy’s TrueCrypt container or encrypted drive.
Anyway, I have switched passwords on my accounts. BUT. What happens if I won’t have a computer (which is mine) nearby? I’m literally doomed. I cannot access any account of mine.
What about the bank account? I DON’T KNOW.
What does one need to use my card? Usually the card number and the CSC/CVC.I gave both of them to Steam. Aand I can’t get a new card, unless I pay some money to the bank and I’ll have to wait for a while until I get a new card.
Let’s see if it’s a stronger security enabled site. It needs your location. Dang, you gave out that one too. What now? Should I move to my neighbour, change my address, get a new card?
Seriously, bank cards and security … ridiculous. (They just don’t stand a chance nowadays.)
-
Hey, the forum is back online! :)
-
Btw, CIA doesn’t do cryptography. as far as I know.
That’s the job of NSA. -
@hunshiki
Well, it wouldn’t be THAT hard. All you need is to compartmentalize, really.
Split the work into several parts and give it several people to work on.
Several well chosen people, several countries, several farms, you get the picture.
If they could do this, I can’t imagine why they couldn’t organize themselves in such a fashion.
We are talking about a possible “gold mine” here, they would definitely see it that way. so it would be worth the effort. Whether they could open that mine and hit the mother load or not, is another matter altogether.
Again, we could all speculate on this topic, but it would be wrong to be absolutely certain of either outcome.
That’s the bottom line I wanted to convey.
I’m sure you would agree. -
By the way. One problem with passwords: If you use a normal password, you can always remember it. You can use it everywhere with ease. BUT if someone steals it, you are done.
If you use random passwords, you need a software to manage them. Like Keepass.
It’s cool as long as you work on your own PC, laptop. But sometime ago I had to check a password of mine, I was away from my computer…. yepp, sh.t just got real. :((Maybe I should get a smartphone…)
-
@popovich – They would need a pretty huge farm. And a lot of time. Even CIA have a hard time cracking one password with AES.
@m!nus – What keys? o.O Password? I use random passwords since the WineDB breach. (Lucky thing, my users got deleted before the breach happened. I always made a user, but never used the site.)
-
@hunshiki: What tells you they didn’t obtain the keys when breaking into valve’s servers?
-
Btw, it seems I have been wrong regarding the possibility of Valve handing out free games. My bad.
Can’t wait for my free copies of Portal 2 and Dota 2 hehe :) -
@hunshiki
Actually, all one needs is access to a computer farm or a Cray for a few days and voila! :)
It’s not like we don’t have those, and considering the knowledge needed for a breach like this, it wouldn’t be too far fetched to assume some (or all) of them have been educated in the field with the possibility to access such resources.
Of course, this is just a speculation. AES256 is pretty damn tight algorithm, but hey, there’s a first time for everything. :) -
~~hunshiki
agree~~ if they manage to crack it, then your CC would be their official legit prize.
^.^ -
:D
-
Okay, I don’t worry about my data anymore. If anyone manages to crack AES256 before I die, he deserves to use my card.
Leave a Reply