The attack happened on Christmas morning. Valve stated “attacks against the Steam Store, and Steam in general, are a regular occurrence that Valve handles both directly and with the help of partner companies, and typically do not impact Steam users.” But the attack on Christmas morning took place during a peak sales period -- Steam registered over 2000% of their usual traffic for Steam sales.
Describing the attack and its response, Valve said this:
“In response to this specific attack, caching rules managed by a Steam web caching partner were deployed in order to both minimize the impact on Steam Store servers and continue to route legitimate user traffic. During the second wave of this attack, a second caching configuration was deployed that incorrectly cached web traffic for authenticated users. This configuration error resulted in some users seeing Steam Store responses which were generated for other users. Incorrect Store responses varied from users seeing the front page of the Store displayed in the wrong language, to seeing the account page of another user.”
Valve had disabled the Steam Store shortly after these errors began occurring and “remained down until [Valve] had reviewed all caching configurations, and [Valve] received confirmation that the latest configurations had been deployed to all partner servers and that all cached data on edge servers had been purged.” The Steam Store is now back up and running.
In a year that was full of DDoS attacks, it’s hardly surprising that Steam would be made a victim as well. This attack seems to have caused minimal damage to users and Valve, but it does give cause for the company to worry about attacks -- particularly during future sales.
- Keegan "HornetSting" Gallick.