TLDR: This Holiday in security
After the massive denial of service attacks on Sony and Microsoft networks last year, rendering devices useless for millions, we all knew that this year something big would need to come along to make a splash.
In short I think we can all agree that something also quite interesting happened this year. This time no hacking groups were involved and no real hacking attempts had been committed. This year instead users had fallen victim to poor configuration.
Early afternoon of the 25th of December 2015 users started seeing different languages on their Steam clients, after so they were able to view other users information. This ranged from email addresses, buying history and other personal information.
After so some users headed to Twitter and other social media outlets to voice their concerns, waiting for an official response from Steam.
Steam is freaking out like crazy – each time I hit refresh I end up in someone else’s account – items in cart and everything seriously.
— Shams Jorjani (@ShamsJorjani) December 25, 2015
Soon after this Steam shut down their store, presumably to troubleshoot and fix the problem. Approximately an hour and a half later the Steam store re-opened with services appearing to be running as usual. Soon after this Steam released a statement detailing:
Steam is back up and running without any known issues. As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users.
Image Source: Steam