My Horrible Interaction with Steam Support

[DoctorL]

For those of you that don't know me, I've been a Fallout 3 mod author off and on since shortly after its release.

My computer was compromised last Saturday via a remote desktop app known as Teamviewer. I had been using it for years, but someone hacked in to my online account somehow. I am a computer science major that focused in security. I left a hole in my security, but blaming me for this offense would be akin to blaming a home owner who had a front door with a window in it that a burglar smashed in. I never installed any suspicious programs, gave out my passwords, I use 2 factor authentication where possible excluding the one place where I really should have: PayPal because I hadn't used it in half a decade. I hope I'm conveying the precautions I've taken.

They remotely connected to my desktop computer from Bulgaria, then made $4,500 in fraudulent purchases using my PayPal account.

To add insult to injury, they accessed my Steam account and traded all of my collected cards and a few extra copies of games I had. Their value was minuscule compared to what I could have lost, but it's the principle.

Steam refuses to get these items returned to me. The attached image is the long version. Had my bank and PayPal taken this attitude, my wife and I would be $4,500 in the hole.

That's Steam's official policy. If you get hacked, sucks to be you.

http://i60.tinypic.com/15zl17n.jpg

http://i61.tinypic.com/344ut94.jpg

Edited June 10, 2015 by DoctorL

[ZeroKing]

This is certainly nothing new with Valve's (lack of) customer service. They've always been horrible.

[Chambers14]

Not Suprising

[Thandal]

<snip>

That's Steam's official policy. If you get hacked, sucks to be you.

 

Yes, that's always been their position. And, to a certain extent, I understand it. No un/pw system is immune to a brute-force attack. And when the first half of the credential is made public, the hack is reduced to needing to guess a mere 96 bits (or fewer) on average.

 

Steam is not your bank, and there are ZERO legal protections on your account with Valve. Caveat Lusor.

 

That the attackers were able to make purchases with your PayPay account indicates that you had NOT instituted 2FA there, as has been possible for years. :armscrossed:

[Meihyr]

Seriously, when GOG Galaxy is ready to go I will be purchasing games from that point onwards, because that's disgusting. Unfortunately, I have to use Steam to play some of my favourite titles like Skyrim and Fallout. Yes, users are responsible for keeping their Steam accounts and computers safe from hackers, but that doesn't stop them. They're always finding new ways to get in. :down:

Edited June 9, 2015 by JayCrane

[JimboUK]

Yeah it is terrible but I'm not sure what you expected of them here, as far as they know your account was accessed from your client running on your PC meaning they'd have to take your word for it, doing that could open the door to people trying all sorts on.

[DoctorL]

Seriously, when GOG Galaxy is ready to go I will be purchasing games from that point onwards, because that's disgusting. Unfortunately, I have to use Steam to play some of my favourite titles like Skyrim and Fallout. Yes, users are responsible for keeping their Steam accounts and computers safe from hackers, but that doesn't stop them. They're always finding new ways to get in. :down:

I'm glad somebody gets it.

[Kraggy]

 

Seriously, when GOG Galaxy is ready to go I will be purchasing games from that point onwards, because that's disgusting. Unfortunately, I have to use Steam to play some of my favourite titles like Skyrim and Fallout. Yes, users are responsible for keeping their Steam accounts and computers safe from hackers, but that doesn't stop them. They're always finding new ways to get in. :down:

I'm glad somebody gets it.

 

 

You provided NO EVIDENCE to Valve to suport your assertion, why on Earth do you expect them to simply believe you and reimburse you when from their perspectivce it's far more likely you're the one trying to act fraudulently.

 

I'm NOT saying ARE, I'm saying from Valve's point of view that's far more likely than your own personal PC being 'hacked'. I'd be surprised if many on-line services would take your unproven word for it. And no, any 'proof' you have from PayPal isn't relevant to your issue with Valve.

[TheMastersSon]

IMO the good news is that I'm seeing more and more game developers using phrases like "no internet connection required" as selling points for new products. If you want people to pay $50 or $60 for a video game, at least provide it on some kind of portable media and not just a bunch of bytes sitting on a hard drive.

 

Steam and other so-called digital delivery companies amount to unnecessary middlemen. What exactly is the practical difference between downloading a game from Steam for immediate use, and downloading it from Amazon or any other site on the internet?

 

As for Steam's support, it took them over a week to respond to our complaint about a game not being recognized for validation, even though it was valid. By the time they responded we had lost all interest in even playing it.

Edited June 11, 2015 by TheMastersSon