Steam Christmas DDoS Attack Affected 34K Users; Valve Speaks Up

By   /   Dec 31, 2015
Gabe Newell Steam

If you were using Steam on Christmas day, you might have faced security issues where users’ information was presented to the wrong accounts before the store got shut down.

Valve Corporation has spoken up about the problem and revealed that about 34000 users were affected as the result of a DDoS attack and mismanagement of their caching partners in response to the attack.

On December 25th, a configuration error resulted in some users seeing Steam Store pages generated for other users. Between 11:50 PST and 13:20 PST store page requests for about 34k users, which contained sensitive personal information, may have been returned and seen by other users.

The type of data that might have been exposed includes Guard phone number’s last four digits, billing addresses, last two digits of credit cards, purchase histories, and email addresses in some cases. Valve confirmed that a DDoS attack was to blame (partly) for everything that happened:

Early Christmas morning (Pacific Standard Time), the Steam Store was the target of a DoS attack which prevented the serving of store pages to users. During the Christmas attack, traffic to the Steam store increased 2000% over the average traffic during the Steam Sale.

They say that when the attack was made, certain caching rules were put in place by one of their web caching partners. Then, another wave of DDoS attacks was made after which another caching configuration was put in place. This time, however, “traffic for authenticated users” was incorrectly cached which resulted in wrong data being shown to the users.

As soon as Valve figured out what was happening they had to shutdown the store in order to fix the incorrect caching configurations – which everyone found out first hand.

Valve apologizes for exposing the details of some users as well as for having to disrupt the service on such a tough time.

Featured Videos

Hot Right Now


The AMD Ryzen CPU Hits The Right Marks, Just Needs Right Price

The AMD Ryzen CPU was demoed recently and what a demo it was. AMD showed that the upcoming AMD...

by   /   Dec 15, 2016
Death Stranding leak

New Death Stranding Leak Revealed The Name Of Norman Reedus’ Character

Hideo Kojima rocked the internet with the reveal of Death Stranding trailer at The Game Awards...

by   /   Dec 15, 2016
Video Game Remasters

Untold Stories of Video Game Remasters – the Good, Bad, and Ugly

In today’s video, we discuss something subjective – are video game remasters good or bad? And...

by   /   Sep 9, 2016
Video Game Villains

Top 10 Invincible Video Game Villains Who Just Won’t Die, No Matter What

We all are accustomed with video game villains and the story usually concludes with the fall of...

by   /   Aug 18, 2016
Panasonic 3DO

Top-10 Retro Consoles You Never Knew Existed

Video gaming has come a long way! While we are well-acquainted with the likes of Xbox Scorpio and...

by   /   Aug 17, 2016
Load More