Valve’s digital game store platform was taken down for a couple of hours after Steam’s security mishap revealed their user’s private information. Even though most users though that this problem surfaced after a hack, the platform being threatened with a massive DDOS attack earlier this week, Valve’s spokespersons stated that this occurred due to a caching issue following a configuration change.
Although SteamDB and the Steam subreddit both have claimed various alleged facts about this issue, one has to keep in mind that neither of these two is in any way officially under Valve’s supervision. The Steam subreddit moderator may state that he is officially speaking for Valve, but he is not a Valve representative in any way.
The problem consisted of mismatching users’ account information. If you would have entered your account page prior to the servers’ shutdown, you would have seen a different person on the page, along with his private information. His billing address, last four digits of his credit card and phone number.
Even so, users’ would not have been able to purchase products using this information in any way. Considering that now, following an official statement by Valve, the servers are up and running once again, without the previous information leak, users should feel at ease. Up to this point, no claims have surfaced in regards to actual credit card theft or other similar illegalities.
But, due to this leak, users are advised to refrain from clicking on suspicious links in any way, because the environment is suitable for an increase in phishing scams. Simply act normally and go about your day as you would normally do. Even so, if identity thefts will occur because of this mishap, Valve may very well be facing numerous lawsuits in the coming weeks or months.
The problem may be fixed, but the fact that it occurred in the first place still stands tall. By having all of your information, products, games, linked to only one site that is always online, these types of security fails are extremely dangerous. This one of the many criticisms that always-online DRM content faces on a day-to-day basis.
The fact that you do not actually own what you purchase on Steam is correct as well. If one day the servers would go down, all of your purchased products will be gone as well. Platforms like CD Projekt Red’s GOG.com completely circumvent this issue by giving people who purchase a game the installer, without the need of a constant internet connection. It is to no surprise why this aforementioned platform is gaining increased popularity each year, but it is still long ways off from reaching Steam’s massive 125 million userbase.
This staggering number of users comes with a great responsibility as well. If Valve is not able to ensure their users’ privacy, it should really revamp it security protocols as soon as possible or, at least, try to not make any caching issues surface in the future.
Although Valve’s security mishap revealed their users’ private information, the odds that this will make people leave the Steam platform are extremely low, even 0. But Steam users should take into account that showing a higher degree of skepticism towards unknown links from strangers, following this caching issue, is strongly advised.