Valve has now offered more information on what happened on Christmas Day, when some users of its Steam PC game download service viewed accounts on its web site other than its own. Valve said about 34,000 accounts were viewed in that fashion, due to a combination of a denial-of-service attack and an error from their web caching partner.
Valve said the attack caused traffic on the Steam site to go up by 2000%:
"In response to this specific attack, caching rules managed by a Steam web caching partner were deployed in order to both minimize the impact on Steam Store servers and continue to route legitimate user traffic. During the second wave of this attack, a second caching configuration was deployed that incorrectly cached web traffic for authenticated users. This configuration error resulted in some users seeing Steam Store responses which were generated for other users. Incorrect Store responses varied from users seeing the front page of the Store displayed in the wrong language, to seeing the account page of another user."
Valve said that the issue lasted for about 90 minutes before the company shut down the Steam store:
"The content of these requests varied by page, but some pages included a Steam user's billing address, the last four digits of their Steam Guard phone number, their purchase history, the last two digits of their credit card number, and/or their email address. These cached requests did not include full credit card numbers, user passwords, or enough data to allow logging in as or completing a transaction as another user."
Valve said there were no unauthorized actions on those accounts, and as such no additional actions were needed by those users. Valve said they are contacting the users who were affected by these issues but it did not state what they plan to offer to the owners of those Steam store accounts. It added:
"We will continue to work with our web caching partner to identify affected users and to improve the process used to set caching rules going forward. We apologize to everyone whose personal information was exposed by this error, and for interruption of Steam Store service."
Microsoft will keep Skype apps despite the rise of Microsoft Teams
Microsoft is releasing a version of Teams for families and consumers later this who subscribe to Microsoft 365. What does it mean for the Skype video chat app, which powers Teams? Not much. Microsoft will continue to offer both for the foreseeable future.
Microsoft fixes Windows 10 connectivity bug hitting VPN, proxy users
Microsoft shipped a new optional update for Windows 10 today, and it brings a fix for the connection issues reported last week. Specifically, those who were seeing no internet connection while using a VPN or proxy connection should see those problems remedied after applying this update.
Need a laptop with a Thunderbolt 3 port? Every PC here deserves a look.
Looking for a new laptop that has Thunderbolt 3 ports? Well, you're in luck, as we've rounded up what we think are the best Thunderbolt 3 enabled laptops available to buy today.
These awesome Minecraft deals are perfect for the gamers in your life
We've scoured the internet to find the best deals for all the Minecraft lovers in your life...even if that's just you. From consoles to toys, we have the deals.