(Mirror Daily, United States) – Anyone looking for the Winter Sales went through a bit of a panic yesterday, as Steam went down due to major bug that allowed users access to personal information from random accounts. Each time players clicked on Account Details they received the stats and info from someone else. A big oopsie.
Steam is the biggest online platform that gamers often resort to for online, and even single player games. However, they have seen some security issues, along with a huge number of accounts hacked. On Christmas Day, the service experienced a major glitch. It offered players unauthorized access to the personal information of random accounts.
For example, by heading over to Account Details, users would still see their own data in the corner, including name, and Steam Wallet, but another appeared on the actual page. By refreshing, it just sent the user to another’s info, including e-mail and purchase history. It also changed the language, with Russian being apparently the most common one encountered.
According to users’ Tweets and reports, some of the randomly generated accounts even had Steam Guard activated. So, that didn’t prove to be useful.
Due to this crisis, Valve took the precaution of shutting down Steam Store altogether. This restricted anyone from making purchases or selling items from the randomized users. Some, on the other hand, claim that it wasn’t possible either way. This continued for around an hour, so there would’ve been enough time.
A bit later, Valve turned its Steam Store back on, and all was right with the digital world again. There have been no reports of users with fewer money on their Steam Wallet than they previously had. Although there have been users who claimed to have more money on their account than before.
That matter remains to be sorted out by the service. However, Valve also confirmed that “this was not a hack or a DDoS attack” which essentially means flooding their servers with bots. Instead, it was the result of a flawed configuration change that they had made earlier in the day. It led to the unfortunate bug, but it appears that no dire consequences occurred.
It could’ve been chaos to actually give users access to random people’s Steam Wallets during Christmas sales. Valve assures that everything is fixed now. No additional action is required by the users, and they were cautioned not to store their billing information on Steam Store. Given that the attack was fairly recent, it remains to be seen if some users surface with complaints.
Image source: tumblr.com