Steam Cache Glitch Caused Security Malfunction

December 25, 2015—Users of the gaming portal Steam, were wrongly logged into the account of other users, giving them access to sensitive information like the home address, purchase history, and credit card information of the stranger’s account. Other users also reported getting the Russian or French or Spanish landing page instead of their default English one.

After news of the breach circulated, the Steam store and its community sites were temporarily taken offline. The sites were back again a few hours later. Concerns were raised over whether the snafu was a result of the supposed DDoS attack, which the group called SkidNP was planning to launch on Christmas to gaming sites Steam and Minecraft.

The official statement from Steam, however, says otherwise—“As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users.”

Comments are closed.