Valve offers a longer statement about Christmas Day caching issues that allowed users to view some, - Polidicks

[QUOTE=SGTNAPALM;49420969]1 and 9, 8673. You now have the same compromised information from me that you lost. Go to town.[/QUOTE] what's your steam login username, phone number, and e-mail. i GUARANTEE i could convince steam support to give me your account with all of that info - all of which actually leaked out.

[QUOTE=Dissolution;49420984]what's your steam login username, phone number, and e-mail. i GUARANTEE i could convince steam support to give me your account with all of that info - all of which actually leaked out.[/QUOTE] without logging into the actual email? doubtful

[QUOTE=Johnny Guitar;49420960]:words:[/QUOTE] We'd all like to say this, but then we have to consider the consequences of creating something like that. You shouldn't have a killswitch for anything open to the Internet, that's insanely stupid, so you're stuck with something either in every Valve datacenter (also stupid, because Valve has datacenters around the world) or in the main headquarters (which means you have to open it to the Internet, and is therefore stupid.) The problem with having an always-available killswitch is that it's not just available to who you give it to. You're giving a server remote inputs to shut it down, and literally anyone can do that if they know where to look. You create a killswitch, you're giving hackers the ability to shut down Steam more efficiently than they can already, and that is terrible practice. There is no easy win here. Just admit that it's complicated, and stop offering bullshit solutions that you haven't thought through.

[QUOTE=J!NX;49420989]without logging into the actual email? doubtful[/QUOTE] you seriously think steam support will ignore you if you tell them you also lost access to your email? absolutely not lol

[QUOTE=RenegadeCop;49420975]You forgot your address and phone number[/QUOTE] It was only last four digits of my phone number. Wasn't aware that billing address was compromised, however.

[QUOTE=Dissolution;49420984]what's your steam login username, phone number, and e-mail. i GUARANTEE i could convince steam support to give me your account with all of that info - all of which actually leaked out.[/QUOTE] If Valve lets you access someone else's account with the last four digits of someone's phone number and email address without being able to log into said email address then I agree, Valve is fucking retarded and that's unacceptable.

[QUOTE=Rangergxi;49420976]Thats the point of PR.[/QUOTE] And that's why Valve needs more of it, instead of those people defending this fuckup and thus helping to maintain status quo.

[QUOTE=RichyZ;49421000]You could use the personal info to ascertain the login details for their email.[/QUOTE] You're going to need to get past the dual factor auth to accomplish that though. How are you going to access my Google Authenticator codes with just the last four digits of my phone number?

I really want to know what happened to anyone that redeemed Steam gift codes

[QUOTE=Dissolution;49420992]you seriously think steam support will ignore you if you tell them you also lost access to your email? absolutely not lol[/QUOTE] If Blizzard won't give me my WoW account because I don't have the ID for the name I registered it with, and Apple can't verify my iTunes account without the full credit card number registered on the account, why would Valve hand over a Steam account to someone if they didn't have access to an email account?

Who needs a killswitch, all they needed to do was announce a holiday game like the monster clicker from the summer to take down steam

It's not even their fault, looks like servers were being maintained by some hosting company

[QUOTE=RichyZ;49421020]Not every email has authentication.[/QUOTE] Are you telling me that users who use third party Email services apart from Valve who lack basic security features are at risk of identity theft? I don't see that being Valve's responsibility to be honest. That's between you and your Email provider. Though to be fair the reason you have those security features is because you have to assume that services will leak information in the way that Valve did, as unacceptable as it may be.

[QUOTE=damnatus;49421026]It's not even their fault, looks like servers were being maintained by some hosting company[/QUOTE] a hosting company they hired because they thought were good enough for the job, it is their fault

[QUOTE=Gwoodman;49421042]a hosting company they hired because they thought were good enough for the job, it is their fault[/QUOTE] This is true, Valve should have either had better control of their partners or, better yet, run their own hosting companies themselves. They make enough capital that they could probably make this happen.

aka it wasnt a big fuck up but everyone thought it was. The only thing concerning was bill address and email.

[QUOTE=RenegadeCop;49420975]You forgot your address and phone number And someone mentioned earlier, there was enough info to pretend to be someone else on Steam Support, which is very bad![/QUOTE] The benefit of the doubt is that valve and Akamai are working out to figure exactly who's data had been accessed, contact them yadayada. If steam support knew what they were doing this could be taken into consideration

[QUOTE=Gwoodman;49421042]a hosting company they hired because they thought were good enough for the job, it is their fault[/QUOTE] no if that company advertised that they could handle it, but they couldn't, how is this valve's fault exactly

[QUOTE=Gwoodman;49421042]a hosting company they hired because they thought were good enough for the job, it is their fault[/QUOTE] And if you order pizza it is your fault if the delivery person runs someone over.

[QUOTE=Take_Opal;49420775]Customers don't know shit, tbh.[/QUOTE] You don't know shit, get outta here with that attitude.

My point ultimately is this: As of right now, apart from hindsight is always 20/20 stuff, There's really nothing Valve can do expediently to make this better, and I think people are blowing this way out of proportion. More customer support and tech support is a long time coming but that I feel like that likely wouldn't have fixed or prevented this issue from happening, merely mitigated its decidedly minor effects. Valve has fulfilled their obligations to their customers, apart from getting into a time machine and fixing the bug retroactively.

[QUOTE=Code3Response;49421073]aka it wasnt a big fuck up but everyone thought it was. The only thing concerning was bill address and email.[/QUOTE] I think doxxing several of its users is a big fuck up in its own right.

[QUOTE=SGTNAPALM;49421115]My point ultimately is this: As of right now, apart from hindsight is always 20/20 stuff, There's really nothing Valve can do expediently to make this better, and I think people are blowing this way out of proportion. More customer support and tech support is a long time coming but that I feel like that likely wouldn't have fixed or prevented this issue from happening, merely mitigated its decidedly minor effects.[/QUOTE] I don't really see anyone blowing this out of proportion, they are just holding Valve to the same standards they hold Target, Home Depot, and Sony when they suffer compromises. I don't really see how the defense of "Well you complained about things Valve did in the past so you can't complain about this" is really tenable, and I'm not even someone who complains about Steam very often.

[QUOTE=Keychain;49421135]I think doxxing several of its users is a big fuck up in its own right.[/QUOTE] 0 people were doxed a total of zero

[QUOTE=damnatus;49421088]no if that company advertised that they could handle it, but they couldn't, how is this valve's fault exactly[/QUOTE] how do you know they advertised it and it wasn't Valve that specifically went to them? [QUOTE=Combine 177;49421095]And if you order pizza it is your fault if the delivery person runs someone over.[/QUOTE] yeah pizza delivery to a huge platform containing millions of sensitive info, great comparison and answering that, you're comparing someone hacking into steam rather that the pizza delivery guy being the cause of the crash, so gj dude

[QUOTE=Raidyr;49421140]I don't really see anyone blowing this out of proportion, they are just holding Valve to the same standards they hold Target, Home Depot, and Sony when they suffer compromises. I don't really see how the defense of "Well you complained about things Valve did in the past so you can't complain about this" is really tenable, and I'm not even someone who complains about Steam very often.[/QUOTE] People are outraged over this as if it was a major security leak on par with the Sony credit card debacle that happened twice and I'm not buying it yet. It sucks that it happened and Valve should absolutely see to it that it never happens to it again, but when I ask what actual tangible documented harm was done I get a lot of what-ifs and maybes. It fucking sucks but it really wasn't that big of a deal. I don't think I'm arguing that you can't complain about this because you complained about something Valve did in the past, I don't see your point.

[QUOTE=SGTNAPALM;49421115]My point ultimately is this: As of right now, apart from hindsight is always 20/20 stuff, There's really nothing Valve can do expediently to make this better, and I think people are blowing this way out of proportion. More customer support and tech support is a long time coming but that I feel like that likely wouldn't have fixed or prevented this issue from happening, merely mitigated its decidedly minor effects. Valve has fulfilled their obligations to their customers, apart from getting into a time machine and fixing the bug retroactively.[/QUOTE] They've needed more customer support for a while know and if you look at TB's video this could ( although very unlikely but still have some major issues like people getting swated in real life ) They should gotten shit fixed before Christmas hit the fan

[QUOTE=theevilldeadII;49421171]They've needed more customer support for a while know and if you look at TB's video this could ( although very unlikely but still have some major issues like people getting swated in real life ) They should gotten shit fixed before Christmas hit the fan[/QUOTE] This is what I mean by hindsight is always 20/20 stuff. Valve should have had this shit under control, I agree 100%. This never should have happened. However sitting on the sidelines and chanting "Should've, would''ve, could've," over and over again isn't even remotely helpful or constructive. This never should have happened, this is obvious, thank you for that astute observation TotalBusciut. What really matters now is what Valve does going forward.

-snip-

[QUOTE=Grenadiac;49421147]0 people were doxed a total of zero[/QUOTE] Doxxing is releasing full name and residential information. That was achievable with this caching error if you had something in your shop cart.