by seunghomattyang 5339 days ago
Valve handled it well, but something like this shouldn't even happen in the first place. Valve saw what happened to PSN, so Valve should have improved its security after such an incident. Since Valve holds people's CC numbers and passwords, they should have put a lot more care into something as fundamental as security. Customers shouldn't have to check their bank statements at all.

Sorry but real mensch in tech never has its database compromised.

2 comments

> Sorry but real mensch in tech never has its database compromised.

It's nice to imagine but that's not really how the world works. Perfection is impossible after any system reaches a certain level of complexity. The technical security implementation might have been airtight, but then a human factor compromised things in the end. Tough to say. Nonetheless, "be perfect" is not a reasonable strategy – or expectation.

> Valve should have improved its security after such an incident.

You've typed words here without really saying anything. Improved it how? Who's to say they didn't? Until and unless Valve gives us a post-mortem, we'll have no idea what the cause of the breach is. Nonetheless, it may include factors they never thought to consider.

I highly doubt Valve's database is more complex than Apple's or Amazon's database. You never hear about theirs being compromised to the same extent as Valve's.
Given Apple's propensity to stomp on any negative publicity, they could have had a dozen similar issues and never disclosed them. Hardly a fair comparison.
But I imagine if Apple's or Amazon's databases were compromised, it would quite likely be to a similar extent.

Once you can perform a select statement, extracting data becomes pretty easy.

That's one thing I'm slightly confused about. I always untick the 'store my credit card details to make future purchases easier' box - so were my card details in their database, or not?