What the hell is up with Steam? I see somebody's account in my store.

[iPlayer]

They are not my accounts!

 

Whenever I click on my funds amount in steam client (near to your login), I get teleported to somebody else's account info, containing their account information, including their last credit card numbers, phone number and their full e-mail address!

 

My friend is experiencing the same issue right now.

[iPlayer]

Here's another acc

http://imgur.com/5gE9dtn

 

Languages are changing too.

 

Click on your login (upper right, NOT your nickname!), then click "Account info/About this account"

[michael-]

Yeah, this is honestly extremely scary. I hope it gets fixed shortly.

[Nevermind]

I have the same problem.. This is really scary ;-;

[Weedoof]

Yeah, steam is shitting itself lately. Nobody has any idea why yet. I'm guessing it has something to do with the amount of steam card codes entering the system, but that's just a guess.

 

Bottom line, don't try to do anything involving money or markets until you can consistently access your own account.

[A Delicious Cashew]

I have the same thing.. That's definitely very worrying, I hope it doesn't get abused

[Mengh.]

Merry Christmas.

 

(Hackers messed up servers for Christmas)

 

https://www.hackread.com/hackers-shutdown-ea-sports-steam-servers-for-christmas/

[Buy my mixtape fam]

Wait so they can basically change all of your account/payment/security info? Welp

[.Dusk]

how does valve fuck up this bad?

[iPlayer]

Wait so they can basically change all of your account/payment/security info? Welp

No, I guess not.

 

This is the furthest I got in somebody's else account

 

Whenever you actually try to do something, you get an error or you suddenly start operating your real account.

[AFFIRMATIVE]

I don't mind this too much currently as i don't plan to purchase stuff, the only thing i'm worried is if i have to change my account details because of this.

[polar]

Don't visit any link that may contain any personal information. This includes the store page or those account details pages you guys are going through.

 

Keep up-to-date - https://twitter.com/SteamDB

[iPlayer]

You can also view their purchase histories / licenses.

 

[iPlayer]

 

By the way, this is not a security breach.

 

I see information like credit cards, e-mail, phone numbers and all their licenses, how's that not a security breach? It all at least falls under 'sensitive information'.

[Woifi The Viking]

I see information like credit cards, e-mail, phone numbers and all their licenses, how's that not a security breach? It all at least falls under 'sensitive information'.

Thankfully only the last 2 digits of credit card and last 4 digits of phone numbers.

 

I'm happy that I use Steam mobile now.

[michael-]

Thankfully only the last 2 digits of credit card and last 4 digits of phone numbers.

 

I'm happy that I use Steam mobile now.

 

Yeah, same here, I got through all the security measures in case of times like these.

[Buy my mixtape fam]

So, from what I gathered, SDB reported it as a cache error. My guess as to what happened is that either some servers went down because of the load and were replaced with new/developmental servers, causing the cache to go mad, or an engineer who was working at the time saw the massive load coming in and tried to re-cache the servers too aggressively. 

 

either way, I feel bad for the developers at valve, spending their christmas dealing with this.

[Julia]

I'm scared. ;~;

[michael-]

I'm scared. ;~;

 

 

Yeah, it's pretty spooki.

[SunriseM]

Wait so they can basically change all of your account/payment/security info? Welp

 

welp i wanted to test this so i tried to remove a free to play game that he never played from hes account and it said error, so i think they cant change your info

[iPlayer]

Thankfully only the last 2 digits of credit card and last 4 digits of phone numbers.

 

I'm happy that I use Steam mobile now.

I can't give you the link unfortunately, but there was an successful attempt at hacking using this way:

1. Phone support of site A, say, Amazon, requires you to give them last 4 digits of your phone number in order to reset your password.

2. You go to gmail of the same person, click "Forgotten your password", then it shows you a message like "A confirmation has been sent to your phone (***) ****-****-12345"

3. You give site A the combination they want - "2345".

 

Original article involved much more sites, one giving you last 4 phone digits, another one giving you first 5 phone digits etc, plus a lot of social engineering aimed at tech support.

[iPlayer]

They are all just celebrating Christmas too much there at Valve

[Weedoof]

I can't give you the link unfortunately, but there was an successful attempt at hacking using this way:

1. Phone support of site A, say, Amazon, requires you to give them last 4 digits of your phone number in order to reset your password.

2. You go to gmail of the same person, click "Forgotten your password", then it shows you a message like "A confirmation has been sent to your phone (***) ****-****-12345"

3. You give site A the combination they want - "2345".

 

Original article involved much more sites, one giving you last 4 phone digits, another one giving you first 5 phone digits etc, plus a lot of social engineering aimed at tech support.

 

But...Don't you need their gmail password to access their emails...?

And if you have that much, why not just use it on their steam account to start with? Most people use the same passwords everywhere anyway. And if you found one of the few people who don't do that you could just move on to the next and try again there.

[#NewWizard]

Since there is none of my personal information saved on steam, I'm fine and expecting some free games from steam tomorrow.

 

EDIT: Oh wait, my phone.

[MrDeepDarkmind]

WE NEED TO GO DOWN TO VOLVO HQ AND TO FIND TEH PROBLEM

(Secretly its testing)