My Steam account has been hacked

  • Two Factor Authentication is now available on BeyondUnreal Forums. To configure it, visit your Profile and look for the "Two Step Verification" option on the left side. We can send codes via email (may be slower) or you can set up any TOTP Authenticator app on your phone (Authy, Google Authenticator, etc) to deliver codes. It is highly recommended that you configure this to keep your account safe.
Rambowjo

Rambowjo

Das Protoss
Aug 3, 2005
5,073
5
38
32
Tapeland
This morning I booted my computer, and Steam requested my credentials (logging in), so I logged in once more. Steam then said that the password was wrong. Since it had been some time since I logged in last time, I tried some different passwords, but nothing worked. I then requested my password sent to me, since I couldn't remember it. Next I went to my Gmail, but there was no email from Steam, except a mail I received about 14 hours ago (at the time), saying that my password had been changed, however not telling me what it had been changed to. About 1 minute later (after that email) I had received a second email from Steam, saying that my Steam account's reference email had been changed aswell, rendering the account completely out of my control.

Luckily, retrieving the account shouldn't be that much of a hassle, and right now I'm going through the process. Steam told me all I had to do was send a picture of a retail CD-key that I have used on Steam, plus my Steam account's name written on it. They also said I could my creditcard information, ofcourse only the last 4 digits, full name and expiration date.
I'm assuming that I'll have it back in my control soon enough, but this still makes me wonder how it happened.
The password I used on Steam was "flyhigh", a pretty simple password I registered with when I was about 11 or 12 years old I think. Is it likely that it was bruteforced, or is it more likely that I have a keylogger? I'm right now in school, scanning my computer for all kinds of bad stuff.

My WoW account is still intact, luckily.

I've also found out that the guy has been playing Counter-Strike on my account :p
 
Dark Pulse

Dark Pulse

Dolla, Dolla. Holla, Holla.
Sep 12, 2004
6,186
0
0
38
Buffalo, NY, USA
darkpulse.project2612.org
Rambowjo said:
The password I used on Steam was "flyhigh", a pretty simple password I registered with when I was about 11 or 12 years old I think.
Click to expand...
No lie. You know this.

Your best bet to do would be to make a longer password, and one with more than just letters. I use an alphanumeric password for most of mine, which takes considerable time to bruteforce, and by throwing in a few numbers that generally will render it more immune to simple wordlist searches.
 
W

WGH

New Member
Jan 22, 2006
237
0
0
31
Moscow, Russia
wgh.ath.cx
It's offtopic, but I always use random-generated passwords, which stored in encrypted file, backed up at multiple places. Its password isn't random, but pretty long. KeePass FTW :)
 
toniglandyl

toniglandyl

internal data fragmentation : 62203480%
Jan 20, 2006
2,878
0
36
diceedge.blogspot.com
the worst case scenario would be if the guy obviously hacked in mutliplayer games like TF2 or L4D thus making you banned from these mutliplayer only games.
 
Sir_Brizz

Sir_Brizz

Administrator
Staff member
Feb 3, 2000
26,020
83
48
It's probably not likely that your password was bruteforced. Mainly, they'd need to get your account name from somewhere.
 
SlayerDragon

SlayerDragon

LLLLLLLLLLLLLLLLLADIES
Feb 3, 2003
7,666
0
36
40
But maybe they gave that information away or somehow left that information open to the public.

Let that be a lesson. Never give your account information out.
 
Kantham

Kantham

Fool.
Sep 17, 2004
18,034
2
38
Hey R.

Try contacting Steam about it. As I mentioned before I already got the same issue. They got it fixed for me after I gave away a few of my starting credit card numbers, they said my account was indeed appearing to be scammed.

They can get to you via secret password and ****s like that.
Never say things like Secret answer "Where I was born" and then give that answer a real one. People will try to find info about you, and get your account that way.


OR, you got a key logger.
 
Last edited:
Kantham

Kantham

Fool.
Sep 17, 2004
18,034
2
38
I suppose helping out and suggesting a solution to your said problem was a waste of my time then. I should probably have posted "lol" or ":S". :p
 
Rambowjo

Rambowjo

Das Protoss
Aug 3, 2005
5,073
5
38
32
Tapeland
Well, it's been recovered now by a Valve employee, so things are all good. That was a fairly fast response though, I was aiming after something like this standard :p


^^^ Jack, I would trust these people with my PIN-code. They know what digital privacy means, compared to some other idiots.
 
Last edited:
You must log in or register to reply here.
Top Bottom