
But what happens when that’s taken away? When the $500+ (I’m lowballing here) of games you’ve accrued vanish into thin air? Well, let me tell you what happened to me, and how it sucks even more than you’d imagine.
It was a Friday morning. I turned off my alarm and grabbed
my smartphone, ready to check emails before making some oatmeal, my morning
ritual. I noticed an email from Steam with the title “Steam Account – Forgotten Password.”
Huh.
That’s weird, I
thought, maybe it’s from someone’s
computer I was using. They probably still had my username in and didn’t realize
it wasn’t their own. They must feel silly.
The thing about that, though, is I hadn’t been to a LAN
party or so much as used a computer I hadn’t owned in at least a month. I
didn’t think too much of it. My oatmeal was had and I went to work. On my way
out to lunch a few hours later with some co-workers and I checked my phone like
we all do when there’s a lull in the conversation. I had two new emails from
Steam, one titled “Your Steam account:
Access from new computer” and the other thanking me for changing my contact
email address. I stopped dead in my tracks.
God, I’m such an idiot! Someone’s stealing my account! I thought. I had the chance to fight back and I didn’t take it. Now someone’s taken away 25% of my usage for my home computer. I was furious at myself for being such a complacent ninny, at the hacker for taking what wasn’t his, and at Steam for not protecting me.
But wait, I had Steam Guard which sends unique codes to your
email address before you can log on from a different computer. He shouldn’t
have been able to hack my account with the second layer of security. I wracked
my brain trying to figure out how he could have guessed the randomized codes
until I happened upon the very simple but horrifying conclusion—he had my email
address.

I was panicked at first, but realized that it didn’t matter.
You know that email address you set up in middle school that you now use to
give to stores and places you know are going to be sending you spam that you
don’t want? You know, the one that has over 1000 messages in its inbox despite
it being cleaned monthly? It was that one. I couldn’t care less about that
email address. You want some deals for
staying at a Hilton? Maybe to hear about the price for a new bass at Guitar
Center? Take it, hacker. I don’t care. I thought.
And that was where I made the first critical mistake—not
remembering my Steam account was linked to that email address and they shared a
common password. Well done J., well done.
Lulzsec taught me a lesson that day that I wouldn’t actually
learn until last month, a week before I had to record Borderlands 2 footage. The first thing I did was file a ticket with
Steam. Something to the effect of “OH GOD, SOMEONE TOOK MY ACCOUNT, PLEASE HELP
ME. I’M AT WORK SO I CAN’T ACCESS MY ACCOUNT FOR VERIFICATION, BUT SOMEONE
STOLE IT FOR REAL WHAT DO I DO HELP WHAT IS MY LIFE”. There was nothing else I could
do until work was over; a full five hours of “what ifs.”
I got home from work and immediately tried getting on to my account, but to no avail. I even tried different password combinations to see if he just moved letters. I tried resetting the password despite knowing the contact email address had been changed. I even tried making a separate account to try talking to the hacker and saying he should give me my account back because come on man, be a buddy. Unfortunately, he had already set the profile to be private, so I couldn’t get in touch with him and my heart sank.
I put myself in Steam Support’s hands and hoped they could
make it better. I focused on other work over the weekend, making sure to give
Valve time to sort the issue out.
By Monday morning, however, I was getting anxious. I went
back to my ticket and realized that in my panicked haste, I had left out proof
verifying the account was mine. I gave full credit card information, my
driver’s license, a picture of my Left 4 Dead key with my ticket number on it,
everything. When I was satisfied knowing I could do nothing more, I let them
take the reins.
For a few days.
Wednesday rolled around and I needed gameplay footage before
doing live recording and still no message from Steam. Not so much as a “We’re
working on it.” A quick post to the Steam subreddit yielded “They’re usually
pretty fast” to “Good luck, I had to email bomb them to get mine fixed.” So I
sent an email to an employee and sure enough, it was cleared up in three hours.
In that time I also found out my Origin account was tied to my spam email and
he had tried ordering FIFA 13, but
without my full information, he couldn’t complete the transaction. Hooray.
He also changed my email settings to French. Hourra.
He also changed my email settings to French. Hourra.
So finally back in control of my Steam account and the worst
he’s done is deleted my friends. A pain, but an easy enough fix. No bans, no
account purchases, nothing. He just sat on my account for a weekend. Good for
you, buddy.
Though the entire ordeal lasted five days, it still felt
awful. Not only did someone have my account, they had easy access to stored
credit card information, they could get me banned from playing some of my
favorite games, they could pose as me to my friends to ask for gifts or trades.
It was a breach of my personal space, a space I thought was secure, but due to
no one’s fault but my own, was not.
More important and alarming, however, was the potential loss
of save game data. I’m a gamer that plays principally for story, and by taking
the record of my own story away from me, it’s like you’ve erased my personal
progress from happening. Chances are high I’ll never go back to that data
again, but if I ever do, I’ll be greeted by the character me-from-the-past
thought was awesome and a slice of life at the time. Even now, sound effects
from Counter-Strike or songs from Final Fantasy VI conjure very specific
memories in my life.
I played FFVI from the beginning to the opera house scene everyday during the summer of 1999. Anytime I hear that tune, I can remember conversations with my grandfather and how hot his small house could get. Though both he and the house are gone, I continue make the play through at least once a year.
I played FFVI from the beginning to the opera house scene everyday during the summer of 1999. Anytime I hear that tune, I can remember conversations with my grandfather and how hot his small house could get. Though both he and the house are gone, I continue make the play through at least once a year.
To me, save files are a record of my past or a hook
to happen upon a memory I’ve forgotten. When the hacker took my Steam account,
he took far, far more of me than I had bargained for and that feeling is awful.
Since then, I’ve adopted a more secure password, different
passwords for all of my accounts, and have turned on two-stage security with my
email address. Luckily, the only large negative impact I had was the video
review being pushed back a few days. I was lucky, and I intend to keep myself
from having to be lucky again. I value my personal information and privacy
enough to now know better than to leave myself open to attack.
So please, secure yourselves and realize that having your
Steam account stolen means much more than losing games.