<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.6000.16414" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>
<H2><CITE><FONT size=2>I haven't seen this on the list. Sorry if it is a
repost.</FONT></CITE></H2>
<H2><CITE><FONT size=2>Rodney Wise</FONT>
<DIV><FONT size=2></FONT> </DIV>
<DIV><A href="http://pplrwise.blogspot.com"><FONT
size=2>http://pplrwise.blogspot.com</FONT></A></DIV>
<DIV><BR></CITE><CITE>Counter Strike</CITE> firm in credit card hack
claim</DIV></H2>
<H3 class=Standfirst>Hacker, customers accuse Valve of coverup</H3>
<DIV class=Byline>By <A title="Send email to the author"
href="http://forms.theregister.co.uk/mail_author/?story_url=/2007/04/19/valve_steam_hack/">Chris
Williams</A> <SMALL class=MoreByAuthor><FONT size=2>→ </FONT><A
title="More stories from this site by Chris Williams"
href="http://search.theregister.co.uk/?author=Chris%20Williams"><FONT
size=2>More by this author</FONT></A></SMALL></DIV>
<DIV class=Date><SMALL><FONT size=2>Published Thursday 19th April 2007
11:09 GMT</FONT></SMALL></DIV>
<P>
<SCRIPT type=text/javascript>
var r = (Math.floor((Math.random()*10)+1));
if (r>5) {document.write('\x3Ca class="TopTextLink Research" href="http://research.theregister.co.uk/">Research library - All papers free to download.\x3C/a>');}
else if (r>4) {document.write('\x3Ca class="TopTextLink Research" href="http://ad.doubleclick.net/clk;89491171;13533154;i?http://elreg.regaccount.com/register/?product=theregister_newsletter\x26r=http://www.theregister.co.uk/?source=H200703NEWSLETTER">Sign up to our newsletter\x3C/a>');}
else if (r>3) {document.write('\x3Ca class="TopTextLink" href="http://ad.doubleclick.net/clk;89491170;13533154;h?http://elreg.regaccount.com/register/?product=theregister_newsletter\x26r=http://www.theregister.co.uk/?source=H200703NEWSLETTER">Receive the days biggest stories by email\x3C/a>');}
else if (r>2) {document.write('\x3Ca class="TopTextLink" href="http://ad.doubleclick.net/clk;89491169;13533154;p?http://elreg.regaccount.com/register/?product=theregister_newsletter\x26r=http://www.theregister.co.uk/?source=H200703NEWSLETTER">Click here to receive articles like this in your inbox\x3C/a>');}
else if (r>1) {document.write('\x3Ca class="TopTextLink" href="http://ad.doubleclick.net/clk;89491168;13533154;o?http://elreg.regaccount.com/register/?product=theregister_newsletter\x26r=http://www.theregister.co.uk/?source=H200703NEWSLETTER">Like this story? Receive others like it in your inbox\x3C/a>');}
else {document.write('\x3Ca class="TopTextLink" href="http://ad.doubleclick.net/clk;89491168;13533154;o?http://elreg.regaccount.com/register/?product=theregister_newsletter\x26r=http://www.theregister.co.uk/?source=H200703NEWSLETTER">Like this story? Receive others like it in your inbox\x3C/a>');}
</SCRIPT>
<A class=TopTextLink
href="http://ad.doubleclick.net/clk;89491170;13533154;h?http://elreg.regaccount.com/register/?product=theregister_newsletter&r=http://www.theregister.co.uk/?source=H200703NEWSLETTER">Receive
the days biggest stories by email</A> </P>
<P><A
href="http://www.theregister.co.uk/2007/04/19/valve_steam_hack/">http://www.theregister.co.uk/2007/04/19/valve_steam_hack/</A><NOSCRIPT></NOSCRIPT></P>
<DIV id=Body>
<P>Valve Software, the company behind <CITE>Counter Strike</CITE> and <CITE>Half
Life</CITE>, has been accused of covering up a hack of its servers which
allegedly exposed the credit card details of thousands of customers.</P>
<P>A hacker calling himself MaddoxX has trumpeted details of the claimed
break-in on his website, and threatened to publish more credit card information
if Valve do not "come with something good".</P></DIV>
<P>Customers say Valve has known about the alleged security breach since April 8
at the latest.</P>
<P>A customer told us he raised the hacker's claims on Valve's Steampowered.com
forums, but a company moderator quickly stepped in to delete it, writing,
"Please do not re-post that thread. Valve are aware of the issue and are
investigating. Making threads on the issue will not help."</P>
<P>Sources say a dozen threads about the matter have been suppressed on Valve's
official forums. In the meantime the firm has made no attempt to contact the
thousands of cyber cafe owners potentially affected.</P>
<P>A large file posted on a file sharing site appears to back up the hacker's
claims of breaking into the server of Valve's distribution network, Steam. It
contains sensitive financial information including Valve's current assets, full
details of five credit card transactions from March 12 with the threat of
exposing more, and details of how to set up a fake cyber cafe certificate for
multiplayer <CITE>Counter Strike</CITE>. The 14MB plus directory is essentially
a "rip" of the cyber cafe content delivery platform, Steam Cafe, and contains
all the files to access Valve's Central Authentication Server.</P>
<P>We contacted MaddoxX via email. He claimed he first gained access to Steam
this January, and said that although the cyber cafe customer database is not
linked to the standard customer list, he has access to that too. Valve have not
contacted him, he said, but have approached his hosting provider to take down
the page which announces the hack, so far without success.</P>
<P>The hacker says it's not his intention to steal information. He told us: "I
just came accross the login details when I was browsing some stuff. The access
to their whole customer database was more like luck, but still a hack because
the login details are inside some files. They changed the logins now and made it
not possible anymore to get the details from the files. The [credit card]
details itself are stored in a MySQL database where I still have access to."</P>
<P>"It is just to show how lax they are with their security. I want a full
excuse from VALVe on their site that they did NOT inform anyone about this. I've
got several e-mails from cafe owners and they said VALVe hasn't even said shit
to them...so you can see how they threat their customers."</P>
<P>One cyber cafe owner contacted by <CITE>The Register</CITE> said: "Why has it
taken days if not weeks before they told us if there is even the slightest
possibility someone has our CC details then we should have been told?"</P>
<P>Valve did not return repeated requests for comment.®</FONT><FONT face=Arial
size=2></P></DIV>
<DIV> </DIV>
<DIV></FONT> </DIV></BODY></HTML>