As someone who works in a sensistive data environment (including CC and SSN#s) and HAS dealt with security breaches before, let me tell you all that while you are all debating the legality of a state's perticular law and its jurisdiction with business transactions done out of that state - the more important and pending legal issue to be concerned with are the federal laws that are broken (note the plurality). I'm not going to go into any specifics, but suffice to say that Valve will NOT be held to tell us anything, the only people that they are legally required to notify are the individuals affected by this mess. Companies/Organizations only disclose these kinds of incidents to the public and media as a PR move to cover their asses because they know that as soon as information hits the press, they will need to take control of the matter and make sure that what is reported is not damanging to the company/organization.
So right now, while its fun to create a shitfest of rumors, I'd suggest that we all calm down and let them deal with what they have to deal with. There will be NO cover up on Valve's part, they will disclose what happened but only to WHO it happened for now. -[Me109] PenDragon -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of chad Sent: Tuesday, April 24, 2007 10:08 PM To: [email protected] Subject: Re: [hlds] Valve Hacking coverup? [ Converted text/html to text/plain ] 200 cards * 5 tries each gives 1 valid number, so .5% * 1 million cards stolen gives 5000 valid credit cards per million stolen, wouldn't it? Cc2iscooL wrote: -- [ Picked text/plain from multipart/alternative ] You have records of the number, but the security code on the back cannot be stored except with encryption of the highest available standards...that's the thing that makes it work, and it's not like you can bruteforce a security key, because if you fail too many times the red flag at the card provider goes up and the card becomes useless anyway. On 4/18/07, Ryan Brady <[EMAIL PROTECTED]>[1] wrote: How then do they give steam accounts back if you can provide the credit card# used when purchasing? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Cc2iscooL Sent: Wednesday, April 18, 2007 10:16 PM To: [EMAIL PROTECTED] Subject: Re: [hlds] Valve Hacking coverup? -- [ Picked text/plain from multipart/alternative ] Haha, yeah. They don't store any CC data I'm sure, if you haven't noted yet they ask you for ALL of your information EVERY time you buy a new game. They might keep records of purchases (duh?) but they don't store CC #'s and definitely not the security codes. Good luck hacking something that doesn't exist ;) On 4/18/07, Whisper <[EMAIL PROTECTED]>[5] wrote: -- [ Picked text/plain from multipart/alternative ] 1. Californian State Laws don't apply to Washington State companies 2. Vendors are required NOT to keep credit card numbers for 1 off transactions. Only vendors who have scheduled payments from a customer can do this, and even those details are supposed to be heavily encrypted. I guess if there is a special STEAM system for cheaters that automatically debits a persons credit card everytime they get VAC banned and issued with a new STEAM Account, then maybe Valve do have customers credit card numbers, but then again, if those are the credit card numbers Valve have stored, do we care? :) -- _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds[6] -- _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds[7] __________ NOD32 2202 (20070418) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com[8] _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds[9] -- _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds[10] ===References:=== 1. mailto:[EMAIL PROTECTED] 2. mailto:[EMAIL PROTECTED] 3. mailto:[EMAIL PROTECTED] 4. mailto:[email protected] 5. mailto:[EMAIL PROTECTED] 6. http://list.valvesoftware.com/mailman/listinfo/hlds 7. http://list.valvesoftware.com/mailman/listinfo/hlds 8. http://www.eset.com 9. http://list.valvesoftware.com/mailman/listinfo/hlds 10. http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
