The best PC games ever Best PC games of 2018 Best graphics card 2019 Best free games 100 Apex Legends tips Fortnite Season 9 challenges

122

Steam Is Going Haywire, People Can Access Others' Accounts [Updated] [And Again]

Update: It seems, for me at least, that Valve have run screaming around the building, pulling out every plug they can find, as all the servers now appear to be down.

Update 2: After an astonishing four hours of silence, Valve finally bothered to say something publicly about the massive screw-up. They told Kotaku, “As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users.”

Original story: There we were, feeling smug in our PC slippers that Sony were having trouble authenticating new PlayStation accounts this Christmas Day, and Steam goes nutso-crazy. And in a really serious way. As Kotaku reports on this merry eve, people are logging into Steam to discover they have access to someone else’s account. Full access, letting them see email addresses, personal details, and most of all, see Steam Wallet money.

Clearly most people at Valve will be at home, filling their face with roast Vortigaunt, so a response to the crisis seems slow. At the time of writing, I’m still able to log into my Steam account through the app, but the website version seems to either be crashing under the weight of people observing the news, or brought down at their end in a “QUICK, PULL THE RED LEVER!” sort of way. Kotaku’s Jason Schreier, as well as having too many Es in his name, has found looking at purchase histories “will bounce around other random accounts too.”

Obviously there’s no word yet if this is a hack, some giant internal screw-up, or perhaps an elaborate ARG informing us of the imminent release of Half-Life 3. Again, according to Kotaku, Steam Guard (which fires off an email to you if someone tries to log into your account from an unrecognised computer) isn’t preventing people’s accounts from being accessed.

Edit: People in our comments are reporting it’s a caching issue, the store serving you someone else’s cached page, so if you didn’t log in, you’re fine. So glad I logged in in order to write this story. With the whole thing pulled offline, it seems people should be safe right now. I imagine they’ll insist everyone change their passwords come tomorrow. Edit: Valve are saying otherwise, but changing your password on occasion is good practice.

Keep an eye on your accounts, clearly. All the best to Valve’s engineers, whose Christmas has just been shat on from far above.

Tagged with , .

If you click our links to online stores and make a purchase we may receive a few pennies. Find more information here.

Who am I?

John Walker

Prisoner

One of the original co-founders of Rock, Paper, Shotgun, I tried to leave, but they won't let me. If anyone reads this, please send help.

More by me

Support RPS and get an ad-free site, extra articles, and free stuff! Tell me more
Please enable Javascript to view comments.

Comments are now closed. Go have a lie down, Internet.

Advertisement

Latest videos