Posting on the No-Steam forum, an individual calling himself MaddoxX has claimed credit for hacking into Steam, and has posted presumably-confidential material including financial information, customers’ credit card information, and screenshots of internal Valve web pages.
The alleged hacker appears to be attempting some form of online extortion against Valve, posting the following to the forum: “If you want me to remove these files you can e-mail me at (address removed) and I prefer you come with something good unless you want me to expose ALL of the customers their information.” The specifics of his demands remain unclear.
Steam, introduced in 2004 in conjunction with Valve’s massive hit Half-Life 2, has grown into a massively popular and successful online distribution system on the internet. Along with Valve, Steam is now also used by companies such as Eidos, Akella, Activision and 2K Games. As well as new releases, Steam is also serving as a distribution method for older releases such as Thief: Deadly Shadows, Arx Fatalis, and Deus Ex: Invisible War, offering gamers a chance to play titles that are otherwise difficult to obtain.
If this claim of data theft is genuine, it could quickly become a public relations nightmare for Valve, which would be forced to reveal to credit card holders that its security has been breached. This would also be the second high-profile lapse in security involving Valve in recent years; in 2003, the Half-Life 2 source code was stolen by someone who managed to break into Valve’s internal systems undetected.