Security exploit on Steam compromises users (Now fixed)

Discussion in 'Articles' started by FreddyZVoorhees, Jul 27, 2015.

Security exploit on Steam compromises users (Now fixed)

FreddyZVoorhees Jul 27, 2015

  1. FreddyZVoorhees

    FreddyZVoorhees Truth or happiness, never both. Lifetime Gold XPG Retired Staff
    135/188

    Joined:
    Sep 20, 2012
    Messages:
    2,021
    Likes Received:
    846
    Trophy Points:
    135
    Gender:
    Male
    Console:
    Xbox
    Steam is a reference regarding the security matter. But an exploit was accidentally created by the team last update support system, allowing access any account with only username.
    Basically, you need only go to the support site, click on "Forgot password", fill your account name and a confirmation code was sent to the email linked to that account. But if you leave blank code entry field and clicked "Continue", you could access the account normally. The error happened last week and was repaired a few minutes later, but only revealed today.
    https://www.youtube.com/watch?v=QPl_BJoBaVA

    Valve sent a request for password change for anyone with malicious activity on the account. However, there is to worry about, the unique security system Steam, called Steam Guard, do not allow anyone to buy, sell or exchange items or games in the accounts when you enter a new device; the maximum that may have happened is the invader have played a bit playing the games of your account without you knowing. If you fear something, just enter your Steam and disconnect the other devices that are connected to the account, simple as that.
    If you received an email requesting the password change, you know why.
     
    Last edited by a moderator: Jul 27, 2015

Share This Page

Close