My credit card was comprimised on Steam

Motley

2[H]4U
Joined
Mar 29, 2005
Messages
2,497
Well yesterday I get an email from my bank notifying me of suspicious activity. I log into my bank account and I see 8 separate $100 charges totaling $800. WTF? Are you serious. I called my bank had the card canceled immediately.

I submitted a support case with Steam. Then today I get a response from Steam saying that their fraud detection system has caught this, and that I should be getting a credits back into my account.

So I login to my bank and now I see 6 of the $100 charges were credited back. I'm hoping by Monday I see the other $200 credited back. I also have an emergency fraud credit being processed by my bank.

This is just nuts, I have never had this happen before. I will never store any credit card info on Steam, or any other online website, I'll be using gift cards from now on. These Chinese/Russian hackers are out of control and we need to improve our security systems here. Every week we hear of compromised systems.
 
Yeah, I don't use CC with Steam. I pay with Paypal. Sucks you got hit with this. Tis the season, fer stealin'
 
Well yesterday I get an email from my bank notifying me of suspicious activity. I log into my bank account and I see 8 separate $100 charges totaling $800. WTF? Are you serious. I called my bank had the card canceled immediately.

I submitted a support case with Steam. Then today I get a response from Steam saying that their fraud detection system has caught this, and that I should be getting a credits back into my account.

So I login to my bank and now I see 6 of the $100 charges were credited back. I'm hoping by Monday I see the other $200 credited back. I also have an emergency fraud credit being processed by my bank.

This is just nuts, I have never had this happen before. I will never store any credit card info on Steam, or any other online website, I'll be using gift cards from now on. These Chinese/Russian hackers are out of control and we need to improve our security systems here. Every week we hear of compromised systems.



I assume when pointing fingers at steam you off cause have made sure to have you own responsibility in perfect order ? Using only unique password every where with at 24+ chracter totally random password?
 
I'm not really blaming steam here, because their fraud detection system did catch this. I was also thinking my credit card was stolen from online website. I will never save any credit card info on any website again. Lesson learned.

btw, I do use very high level passwords with 20 chars on all my accounts, and they are all different. I use Safepad to encrypt my passwords file.

My question is how to these hackers get the funds from steam? I just don't understand the process of how the criminals get their money?
 
Yeah, I don't use CC with Steam. I pay with Paypal. Sucks you got hit with this. Tis the season, fer stealin'

Paypal isn't any better. I had a random charge on my Paypal to some random person in China. Hadn't used Paypal in months.

Paypal denied my dispute petition saying it "was consistent with my use patterns". Fortunately, my CC was linked with Paypayl, so I just disputed it with my CC and canceled the PP account.

At least CC has a better fraud dispute/resolution system.
 
I'm not really blaming steam here, because their fraud detection system did catch this. I was also thinking my credit card was stolen from online website. I will never save any credit card info on any website again. Lesson learned.

btw, I do use very high level passwords with 20 chars on all my accounts, and they are all different. I use Safepad to encrypt my passwords file.

My question is how to these hackers get the funds from steam? I just don't understand the process of how the criminals get their money?

use stolen card to buy Steam cards, sell steam cards at discount and pocket the cash.

I think the same process happens for other stuff as well. A couple of years ago I bought a bunch of Starbucks Verismo Pods on eBay for a really good price, 8 packs for $40 or so.
I got the package a few days later, looked at the invoice, it was drop shipped from Startbucks and paid with a Starbucks Gift Card, total paid was $96.
So it looks like they used a stolen credit card to buy Starbucks gift cards, and then sold products that were paid with the gift cards, and then pocket the cash paid via paypal.
 
use stolen card to buy Steam cards, sell steam cards at discount and pocket the cash.

I think the same process happens for other stuff as well. A couple of years ago I bought a bunch of Starbucks Verismo Pods on eBay for a really good price, 8 packs for $40 or so.
I got the package a few days later, looked at the invoice, it was drop shipped from Startbucks and paid with a Starbucks Gift Card, total paid was $96.
So it looks like they used a stolen credit card to buy Starbucks gift cards, and then sold products that were paid with the gift cards, and then pocket the cash paid via paypal.

hmm wow ok, I was gonna say, who the hell buys $800 in games on steam, I had no idea they are buying gift cards.

This sure looks like a lot of work, these damn criminals could be making a good salary at any IT job, yet they wish to spend 12 hrs a day stealing credit cards.
 
hmm wow ok, I was gonna say, who the hell buys $800 in games on steam, I had no idea they are buying gift cards.

This sure looks like a lot of work, these damn criminals could be making a good salary at any IT job, yet they wish to spend 12 hrs a day stealing credit cards.

The criminals that spend the time to hack websites can earn a ton of money from selling the contents, or they work for organizations that would somehow benefit from the hack (governments, extremist groups, criminal organizations, etc). With how piss poor security is at a lot of companies, they don't even have to work that hard. As soon as they gain initial access they can easily get all the data they want. Sony, Target, and Experian hacks are all good examples of that one.
 
Yes these companies need better security. I just changed all my passwords to all sites, deleted all credit card info, and enabled two step security process.
 
wait wait wait wait.

you're trying to tell me steam support responded to you in a day?
ONE DAY?

holy shit, you got lucky.
 
Well yesterday I get an email from my bank notifying me of suspicious activity. I log into my bank account and I see 8 separate $100 charges totaling $800. WTF? Are you serious. I called my bank had the card canceled immediately.

I submitted a support case with Steam. Then today I get a response from Steam saying that their fraud detection system has caught this, and that I should be getting a credits back into my account.

So I login to my bank and now I see 6 of the $100 charges were credited back. I'm hoping by Monday I see the other $200 credited back. I also have an emergency fraud credit being processed by my bank.

This is just nuts, I have never had this happen before. I will never store any credit card info on Steam, or any other online website, I'll be using gift cards from now on. These Chinese/Russian hackers are out of control and we need to improve our security systems here. Every week we hear of compromised systems.

The problem is the more security layers applied, the worse it gets for the actual customer. They can't win.

Really, the solution is kind of simple. mandatory 2 factor authentication. You buy something, you pay but the charge does not go through until you provide the pin texted to you.

The worst part isn't getting the new card. It's going out and changing all the automated payments and shit you have set up.
 
wait wait wait wait.

you're trying to tell me steam support responded to you in a day?
ONE DAY?

holy shit, you got lucky.

LOL I know I was surprised as well. Probably because it was a fraud issue.
 
The problem is the more security layers applied, the worse it gets for the actual customer. They can't win.

Really, the solution is kind of simple. mandatory 2 factor authentication. You buy something, you pay but the charge does not go through until you provide the pin texted to you.

The worst part isn't getting the new card. It's going out and changing all the automated payments and shit you have set up.

That's a good solution with the purchase pin text.

I have already went through all the sites I use for payments, and deleted all credit card info, I will just manually input for now. and changed passwords to 20 chars.
 
Well yesterday I get an email from my bank notifying me of suspicious activity. I log into my bank account and I see 8 separate $100 charges totaling $800. WTF? Are you serious. I called my bank had the card canceled immediately.

I submitted a support case with Steam. Then today I get a response from Steam saying that their fraud detection system has caught this, and that I should be getting a credits back into my account.

So I login to my bank and now I see 6 of the $100 charges were credited back. I'm hoping by Monday I see the other $200 credited back. I also have an emergency fraud credit being processed by my bank.

This is just nuts, I have never had this happen before. I will never store any credit card info on Steam, or any other online website, I'll be using gift cards from now on. These Chinese/Russian hackers are out of control and we need to improve our security systems here. Every week we hear of compromised systems.

Shitty all around.

However, just for information purposes, you card was likely not compromised via Steam, it was just used to purchase items on Steam, like someone already mentioned before, probably gift cards. Your card was much more likely skimmed/compromised elsewhere, the information sold or posted and then used to make the purchases.
 
I assume when pointing fingers at steam you off cause have made sure to have you own responsibility in perfect order ? Using only unique password every where with at 24+ chracter totally random password?
Right. Nothing like blaming the victim in a credit card theft. Good lord.
 
Back
Top