By Grant Stoner | The Duquesne Duke
Every year, gamers eagerly anticipate the holiday Steam sale. With titles from every genre being sold at reduced prices, sometimes as much as 75 percent off, people readily spend money, hoping to fill their libraries with new games. However, on Christmas morning, Steam experienced a significant technical difficulty. According to reports from Polygon, thousands of people could view personal and financial information that did not belong to them.
“…Steam users were reportedly able to access information belonging to other users, including their purchase histories, PayPal information, Steam Wallet balances and certain contact information,” wrote editors Michael McWhertor and Shaun McIlroy.
“Some Steam users logged in to find their Steam client displaying information in another language or another Steam member’s username.”
During the account-swapping fiasco, people had the opportunity to fill their own Steam libraries with games purchased via funds from other unsuspecting users. When buying games on Steam, an option appears asking users if they wish to purchase the item for themselves, or send the game to another player as a gift. Hundreds of dollars could have been spent on an individual from across the globe without the consent of the credit card holder.
What makes the situation even more aggravating is that Valve did not warn their customers of the account errors. Rather, members of the online forum site Reddit created posts, advising other gamers to check their accounts in order to ensure their data was safe.
After multiple Reddit posts, gaming journalists helped to spread the word by producing online articles about the Steam incident. Hours later, after the gaming community was well aware of the transpiring events, Valve shut down the Steam service, hoping to rectify the problem before the situation escalated.
Within 24 hours, Steam relaunched without further issues.
Similar incidents involving gamers’ personal information have occurred before. Most notably, in 2011, Sony shut down its PlayStation Network for approximately one month. During the week of April 17, Sony officials uncovered information detailing that a breach occurred, providing hackers with the personal data of roughly 77 million PlayStation Network users.
Information including birthdates, addresses, passwords and usernames were stolen, and then placed online into a databank by the hackers. Nearly a week after the breach, Sony executives released a statement on the PlayStation blog, warning customers of the leaks, as well as advising them to immediately change online information related to PlayStation Network.
After Sony regained control of the PlayStation Network, they attempted to mend the relationship with their clients. They gave away a free month of subscription for PlayStation Plus, two free PlayStation 3 games, two free PlayStation Portable games in addition to offering one year of free identity theft protection.
While the events of the PlayStation Network hack were on a much grander scale than that of the Steam error, customers of both companies were forced to deal with the reveal of private personal and financial information. Unfortunately, it seems that as gaming and technology evolves, online transactions, and the risks that they carry, have become the norm.