Steam took quite a hit on Christmas with a mess-up by Valve that allowed users to access information of random people’s accounts.
Users who logged on December 25 were able to view user details of other people’s accounts, including email IDs and addresses. What was worse though is that this exploit or ‘breach’ allowed mischievous folks to use credit card and PayPal information of these random users.
Valve recently apologized for this blunder in an official statement, but it seems that they are also partly responsible due to complacency and attempts at cost minimizing.
According to P4RGaming, Valve had outsourced their support to a contracting company in India. It turns out that the game developer giant had only hired one person for Steam support. P4RGaming had a chat with the lone support person, Lusila Gupta, who admitted as much.
Lusila Gupta admitted that such instances were rather overwhelming, and that she alone had little power to solve these issues.
Valve has blamed the DDoS (Distributed Denial of Service) attacks for the cause, but the aftermath hasn’t been taken care of very well, considering there is only one support person being overburdened with ticket responses and (rightfully) enraged Steam users.
For such a respected and otherwise reputable company, Valve certainly hasn’t done itself any favors with this effort to minimize cost. Hopefully Lusila Gupta will have a few co-workers to make life easier.