As I write this, there’s only a couple of days left in 2015 proper, and it’s fairly traditional to look back over the year just gone at this time of year. 2015 has been a big year in technology circles, with the launch of numerous new devices, new versions of both Mac OS and Windows to contend with, new processors and the rise of newer technologies such as virtual reality and 3D printing.
Also, we got hoverboards-that-weren’t-hoverboards, but that could be quite risky both in a falling sense, and a starting fires/electrical shock sense. It’s not too many tech niches that manage their own ACCC safety warning when they’re only a couple of months on the shelves, so if you did indulge, or if you were given one over Christmas, take it easy, and remember to check if the plug adaptor’s properly rated for Australian use, as a couple of models were specifically withdrawn from sale for that very reason.
“Hoverboards” may not have been expected, but as Christmas rolled around, gaming service Steam gave its user base a rather more unexpected gift. For a very brief period, Steam randomly showed limited email and partial credit card details for other users’ accounts when some users logged in. This, not surprisingly, raised a lot of panic, because these are exactly the kinds of details you don’t want idly floating around the Internet for anyone else to see.
In a statement to gaming website Gamespot, Steam officially said that “As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users.”
That’s not entirely reassuring; while it’s feasible and possible that other Steam users won’t have been able to spend thousands on games for themselves in the brief period that details may have been available, it’s equally troubling that even small details may have been leaked, because it’s these exact details that can be used for identity theft even in only parts of them come from a single source. If you’re a regular Steam user, it would be wise to both keep an eye on your Steam account purchases for a little while, as well as perhaps changing your password and enabling two factor authentication on your account.
Steam’s unexpected Christmas scare is a reminder of the kinds of security issues that won’t go away in 2016, but instead are likely to multiply. As end users, there’s not so much that you can do when bugs like the Steam one surface details you’d rather keep private, but there’s plenty you can do on your side to keep yourself secure. So if you’re lacking in other new year’s resolutions to ponder, why not adopt a new security overlook for your online accounts?
It’s not quite the same thing as quitting smoking or taking up a new hobby, but even simple steps like regularly changing passwords, eliminating any and all “easy” passwords (especially dictionary words), and using a good password management app such as Keepass or 1Password can work wonders at keeping your private details exactly as private as you’d like them to be.