A huge goof-up by Steam leaked users' account info, as they could randomly see pages of other user accounts even while logging in from their accounts.
A number of users from the Steam community on Friday experienced some security issues. As several users started reporting online and on forums that they were able to view account information of other users. There have been numerous reports on Reddit, Twitter and NeoGAF highlighting the problem that also suggests personal information and credit card data could also be accessed for some users.
Valve has now officially confirmed that it was an internal goof-up. The whole debacle lasted for as long as an hour that the company now claims has been already fixed.
“Steam is back up and running without any known issues,” a company spokesperson said.
The company has narrowed down the issue to a wrong “configuration change” that randomly lets some Steam users view personal information of other users profile.
“We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users,” he further added.
As of now, we aren’t sure the number of users who were affected by this internal security error. While there have also been reports that several users were facing issues logging into their Steam accounts.
Steam is now back online, and everything seems to be back to normal, though one can’t deny such a massive goof-up on the company’s part that serves over 125 million users. It’s rather unclear what caused the problem apart from the company claiming it was a caching issue. Though some experts believe Steam is incorrectly caching user account pages and rendering them for other users. The company now seems rather confident that the issue has been fixed and also added on its message forums that ‘Steam has not been hacked’ and ‘their personal information is now safe’.
Notably, a hacker group named SkidNP did threaten to take Steam down on Christmas earlier this month. It’s also worth noting that popular game services like Xbox Live and PlayStation Network were also attacked on Christmas last year. Though, Valve wasn’t affected by such an attack.