All Discussions > Steam Forums > Help and Tips > Topic Details
This topic has been locked
rene.dupont Jun 25, 2018 @ 10:10pm
Steam leaked my credit card information
First, I’m quite frustrated of the lack means to reach Steam directly. I couldn’t find any other way than the user forums to do so which is quite annoying since Steam is a business that charges money for goods and services.

As my subject title suggests, Steam as definately leaked my credit information to a third party. I have 3 different credit cards 2 of which I rarely or never use. I used one of them two days ago for the first time in 3 months for a DLC purchase. Within 24 hours of that purchase, I had no less than 7 fraudulent online purchases attempts on that card (I receive SMS every time).

I really wish someone in Steam could contact me about this. I can provide my credit card statements showing that the card has only be used on your website.

FYI: I do online purchases on almost a daily basis and NEVER had that problem before. So no, I dont have a spyware or keylogger on my computer. I have a strong antivirus and I’m always using the safe browsing feature with the on0screen keyboard when doing the purchases. The data leak is on your side and not mine.
< >
Showing 1-15 of 23 comments
C²C^Guyver |NZB| Jun 25, 2018 @ 10:18pm 
Originally posted by rene.dupont:
First, I’m quite frustrated of the lack means to reach Steam directly. I couldn’t find any other way than the user forums to do so which is quite annoying since Steam is a business that charges money for goods and services.

As my subject title suggests, Steam as definately leaked my credit information to a third party. I have 3 different credit cards 2 of which I rarely or never use. I used one of them two days ago for the first time in 3 months for a DLC purchase. Within 24 hours of that purchase, I had no less than 7 fraudulent online purchases attempts on that card (I receive SMS every time).

I really wish someone in Steam could contact me about this. I can provide my credit card statements showing that the card has only be used on your website.

FYI: I do online purchases on almost a daily basis and NEVER had that problem before. So no, I dont have a spyware or keylogger on my computer. I have a strong antivirus and I’m always using the safe browsing feature with the on0screen keyboard when doing the purchases. The data leak is on your side and not mine.


These are user forums...no one from Valve posts here, literally. Take it up with Steam Support.
#1
999999999 Jun 25, 2018 @ 10:20pm 
There is no leak on Valve's end. Your info was leaked/phished somehow on your end.
#2
Count_Dandyman Jun 25, 2018 @ 10:22pm 
If it was a steam leak there would be a lot more victims.
#3
sisukasi Jun 25, 2018 @ 10:28pm 
Waaaaait whaaat?Steam can't leak your credit card data as you are being redirected to the credit card manufacturer/bank you have it from right?(never payed with credit cards,only with Paysafe)They literally have lots of contracts with lots of credit cards providers/bank in which they say they will not give your data(not even your name)to any 3rd party applications.And why the heck do you use an onscreen keyboard when typing your credit card data?This literally makes everything easy.If you would have spyware or your screen watched from distance hackers can literally see everything you press on screen.And lastly,there is a support section where you can submit a ticket to Steam about this.If this is actually true and Steam really leaked your data they are in big trouble.
#4
rene.dupont Jun 25, 2018 @ 10:40pm 
Thanks for the replies.

No way in hell it’s from my side. Been working in IT for the past 25 years, I know everything (well, no one knows everything) about online safe practices. I have ZERO freeware or illegal software on my machine. Steam didn’t redirect me to my bank two-step authentication site either.

I did 100’s of online purchases in the past few years. Last I used that card was in March because Steam didn’t give me a Paypal option. I use that card on sites I dont trust 100% so if THIS stuff happens I can cancel the card and it wont affect my daily life.

24h hours after I use it here I get hit 7 times and you’re saying it’s on my side?!? No way Jose
#5
Count_Dandyman Jun 25, 2018 @ 10:46pm 
Originally posted by rene.dupont:
Thanks for the replies.

No way in hell it’s from my side. Been working in IT for the past 25 years, I know everything (well, no one knows everything) about online safe practices. I have ZERO freeware or illegal software on my machine. Steam didn’t redirect me to my bank two-step authentication site either.

I did 100’s of online purchases in the past few years. Last I used that card was in March because Steam didn’t give me a Paypal option. I use that card on sites I dont trust 100% so if THIS stuff happens I can cancel the card and it wont affect my daily life.

24h hours after I use it here I get hit 7 times and you’re saying it’s on my side?!? No way Jose
Such an expert but yo haven't considered the basic possibility that the cards details may have been skimmed, seen physically or that one of those sites you don't trust may have leaked the saved details after the fact. Hell it could even be your card provider or bank that leaked it there are way more variables here then you understand.
#6
Pheace Jun 25, 2018 @ 10:47pm 
Originally posted by rene.dupont:
Been working in IT for the past 25 years--> Steam didn’t redirect me to my bank two-step authentication site either.

Perhaps this wasn't the correct line of work for you? How in the world don't alarms start ringing at this point and do you still end up entering your CC information?

Also, there's two points of possible theft here , one is the service to which you made a payment and the most likely one, though you won't want to admit it, is *your computer*. You entered the CC info on your computer and a couple of days later it was being used for fraud.
Last edited by Pheace; Jun 25, 2018 @ 10:49pm
#7
76561198407601200 Jun 25, 2018 @ 10:54pm 
Originally posted by rene.dupont:
Thanks for the replies.

No way in hell it’s from my side. Been working in IT for the past 25 years, I know everything (well, no one knows everything) about online safe practices. I have ZERO freeware or illegal software on my machine. Steam didn’t redirect me to my bank two-step authentication site either.

I did 100’s of online purchases in the past few years. Last I used that card was in March because Steam didn’t give me a Paypal option. I use that card on sites I dont trust 100% so if THIS stuff happens I can cancel the card and it wont affect my daily life.

24h hours after I use it here I get hit 7 times and you’re saying it’s on my side?!? No way Jose

Yet myself hasn't had that issue at all. Also, did I read that correctly that you have used your card on sites you don't trust 100%, yet are somehow thinking it's a steam/valve issue?
#8
Satoru Jun 25, 2018 @ 11:02pm 
Originally posted by rene.dupont:
I use that card on sites I dont trust 100% so if THIS stuff happens I can cancel the card and it wont affect my daily life.

For all that "IT experience" you honestly don't seem to understand how security actually work

So you explicilty use a single card on ultra shady websites you dont trust

"MAYBE" just maybe, you know maybe one of those OTHER sites got compromised? And is using that information to buy stuff on steam?

If you're in IT you should know how it is, CORRELATION is not CAUSATION.
#9
rene.dupont Jun 25, 2018 @ 11:06pm 
Count_Dandyman, Sure, my card that never leaves my wallet got skimmed back in March and the scammers online decided to use it the day I use it on Steam. No, I don’t think it’s a plausible explanation at all.

Pheace, how can alarms goes up before the fraud attempts? As soon as the saw all the SMS when I wore up I canceled the cards immediately. True, I’m not dismissing it could be on my PC but it’s extremely unlikely. In the last two weeks, I did online purchase with on other credit card on Expedia, Sri Lanka Airlines, Booking.com and 2 government website for a trip I just went to from the same computer. I used the other card that got the fraud attempt on Steam because I didn’t trust it 100%

I entered the CC number around 15h00 and got hit 7 times right after midnight. You got all the facts, tell I’m paranoid. Yes, I admit there’s still a remote possibility it’s on my PC
#10
perpetuaL Jun 25, 2018 @ 11:07pm 
Contact steam support if you believe it stems from steam. If on the off-chance you uncover something, that definitely needs to be brought to their attention.

With that said, I have used steam for a very long time, and have never heard of anything like this occuring. if I databreach did occur I think we would see a massive influx of reports. It seems to me that you're associating it to steam without evience merely "timing" of the use and purchase. Remember correlation isn't causation. Is it plausible that it happened on another shady site, and they happened to use it now? Regardless, I recommend contacting steam support with your concern.
#11
rene.dupont Jun 25, 2018 @ 11:10pm 
Saturo,

Where did I say I’m using my card on Shady sites? I dont, Steam is a somewhat big site I never used and it’s mainly for gaming. Good reason to be safe in the first place.

If I “shady” site doesn’t offer PayPal, I’ll never use a redit card there. I’m not as dumb as you imply
#12
Aliquis Freedom & Ethnopluralism Jun 25, 2018 @ 11:13pm 
I doubt Steam leak the data but maybe your Steam client is insecure. You seem to be pretty sure it's not but they just patched some capacity to execute code through the chat or something didn't they?

If it's related to Steam whatsoever that is.

As for how unlikely something is with tens of millions of accounts and millions of users the unlikely become a a bit more likely considering how many users there is.
#13
Satoru Jun 25, 2018 @ 11:16pm 
Originally posted by rene.dupont:
Saturo,

Where did I say I’m using my card on Shady sites? I dont, Steam is a somewhat big site I never used and it’s mainly for gaming. Good reason to be safe in the first place.

If I “shady” site doesn’t offer PayPal, I’ll never use a redit card there. I’m not as dumb as you imply

So you read my post but didn't actually read it. That's sort of amazing. Let me repeat again what you said which is in my post here. For reference

https://steamcommunity.com/discussions/forum/1/1729827777356968748/#c1729827777357101927

Originally posted by rene.dupont:
I use that card on sites I dont trust 100% so if THIS stuff happens I can cancel the card and it wont affect my daily life.

Where did you say you were using yoru card on shady sites.

Here is where you said it.

Hubris is the failure of IT admins. If you think you are immune to attacks, you are a fool and I wouldn't let you in my server room nor near a keyboard or a mouse.
Last edited by Satoru; Jun 25, 2018 @ 11:17pm
#14
rene.dupont Jun 25, 2018 @ 11:18pm 
Perpetual,

Thanks, Finally found a way to contact them directly (using the purchases history option). For the record:

- I’m not dismissing the fact that it could be on my PC, just that it’s very unlikely
- I’m FULLY dismissing the possibility that my card got physically skimmed
- I never use my card on shady sites, only PayPal
- I didn’t fully trust Steam in the first place but still felt confortable 100%
#15
< >
Showing 1-15 of 23 comments
Per page: 1530 50

All Discussions > Steam Forums > Help and Tips > Topic Details
Date Posted: Jun 25, 2018 @ 10:10pm
Posts: 23
Start a New Discussion

Discussions Rules and Guidelines