The Steam Winter Sale of 2015 was probably one of the dullest events in the history of Steam Sales. There were no Daily and Flash deals, and the community event is nothing more than a daily comic plus some sort of ARG (alternate reality game) that only the most hardcore of puzzle-solvers can solve and make time for.
But in the middle of the dullness, there has been an outrage. A few days into the sale, around 30,000 user accounts were compromised when personal details like full name, complete address, and last four credit card digits were leaked. You log onto Steam, see pages that were seemingly meant for another user, go to their shopping cart, and see these all of these private information out there in the open. Granted that no user was able to buy anything off from someone else’s account, the leaked data is enough to significantly raise one’s chances for identity theft.
In the wrong hands, that kind of information can be used to take control of a user’s other online accounts. It can also be used for swatting- a practice wherein someone calls the police to a perfectly innocent person’s residence- and other such deeds.
Valve did release an apology statement though (a week after the leak). But still, it’s worrying that an online service as large and popular as Steam is vulnerable to these kind of security lapses. It just goes to show that you can never be perfectly safe online.
If you’re one of those users whose personal information has been leaked and have no way of knowing whether your data is being used for nefarious acts, here are a few warning signs to look out for.
1. Your other online accounts report that you’ve been signing in from new locations, unauthorized devices, and strange IPs. This is particularly common for email services like Gmail and Yahoo Mail.
2. You’re being locked out from your online accounts. Someone, other than you, has been changing passwords to online services that you often use.
3. You’re missing emails. Especially monthly statements from your bank.
4. You’re seeing charges for goods and services that you didn’t redeem or buy on your credit card statement.
Once you see any of these warning signs, then change your online credentials immediately or sign up with one of the many fraud protection services. Change your passwords and try to use two-step authentication (if the online service provides it) for extra security. Call your bank, have the strange charges cancelled (no matter how small they are) and ask how you can further secure your credit card. In this digital age, it’s always better to be safe than sorry.