Steam Experienced Security Flaw That Lead to Reset Passwords

Due to a security flaw in the password reset feature of Valve, Steam users became busy all weekend hacking each other's account as it had allowed users to reset another user's password even without the use of the person's email.

Popular users on Steam were the number one target of the hackers. This became possible when users found out that Steam is not verifying the codes that users input to check if they're valid. The flaw allowed hackers to bypass the authentication step by simply inputting nothing when the system asks for the one-time-use code. As a result, account intruders were able to reset the passwords of some users.

However, hackers were not able to transfer items of the hacked accounts to a different account because of the five-day freeze policy of the Valve. Also, unauthorized parties were still unable to login to the Steam account because accessing the email account is required.

Steam has recently announced that the situation is now under their control. The gaming platform has finally fixed the bug which caused many accounts to be hacked during the weekend. The video game development company responded quickly to the issue and has now reset the passwords of the accounts that indicated suspicious activity from July 21 to July 25.

Many were disappointed by the event which compromised the account of the Steam users. The gaming company has released an apology to the users for the inconvenience they experienced.

The incident will surely be serve as a wakeup call for Valve to improve their security measures to protect its users. As of February 2015, Steam has more than 125 million active users. Last year, the total revenue of the platform reached around $1.5 billion. The number of users is continuously increasing as the game titles in the platform also increases.

More News
Real Time Analytics