This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Nearly a week after the Christmas day Steam error that caused roughly 34,000 users to see other people's personal account information instead of their own, Valve has come forward to blame the problem on a denial-of-service attack from unspecified agents.
The fact that Valve waited nearly a week before saying anything about the problem is interesting, especially in light of the fact that the attack likely caused a significant drop in Steam sales on Christmas day -- smack dab in the middle of Steam's annual holiday sale, when many developers with games on the platform see a significant uptick in units sold.
According to Valve, the DoS attack began on the morning of December 25th, grew to the point that traffic to the Steam store was 2000 percent greater than average during a Steam sale event, and led to a caching error that served up the wrong pages to thousands of users who were trying to access Steam Store pages.
That caused many to see other peoples' Steam account info (billing addresses, partial credit card and phone numbers, etc.) and eventually drove Valve engineers to take the Steam Store offline temporarily so a new caching configuration could be implemented.
The company offered no further explanation of where the attack came from, but promised to "improve the process used to set caching rules" in the future.