Valve Steam it seems is vulnerable to hacking, and the hacker believes that the company does not care about customer security. British student Ruby Nealon was able to put a game on the company’s site. This was soon removed, but it led to the discovery of another issue which has also been corrected.
Nealon had a Steamworks account and found it easy to hack the site. The website is old and even compared to new sites was not secure, but Nealon will not be hacking them again. He has been trying to bring the issues to the company, but they only acknowledged the problem when he hacked the account.
Nealon said he is not bitter or doing this for the money, but believes that something should have been offered. This is not the first time that Steam have been found wanting as in 2014 they were openly asked to put a bug bounty program in place. In 2013 supposedly private accounts were revealed and while this was fixed, it was later possible to see details of a stranger’s account. Nealon continued that a security team should be brought in, or things will only get worse.