Steam caching issue resolved
Steam's problems came during a winter sale that runs through 4 January  Steam/Twitter

Amidst its big winter sale, Steam battled with issues that appear to have put numerous users' personal data at risk. While hackers claimed an attack on the California server of the online gaming platform, it was neither a hack nor a DDoS (Distributed denial-of-service) attack but errors caused by caching.

While gamers around the world logged into Steam Store to make purchases during a winter sale that ends on 4 January, the site threw up numerous errors and displayed a language different from the user's preference. Despite being signed into their accounts, users saw details of others.

Steam Database confirmed via Twitter that Steam was facing caching issues that caused users to view account details of others. It also asked users not to use Steam Store.

It later said the issue was resolved. In a statement to GameSpot, Valve said: "Steam is back up and running without any known issues. As a result of a configuration change earlier today, a caching issue allowed some users to randomly see pages generated for other users for a period of less than an hour. This issue has since been resolved. We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users."

According to a theory put forth earlier by Steam database in a blog post, a caching misconfiguration in one of Valve's layers caused Steam to incorrectly serve rendered and cached pages intended for a single user. Valve uses Akamai for its content delivery network and Varnish for caching.

Valve is having caching issues allowing users to view things such as account information of other users. Don't use Store for now.

— Steam Database (@SteamDB) December 25, 2015

.@ZylusDota The best way to protect yourself is to completely avoid Steam websites for now.

— Steam Database (@SteamDB) December 25, 2015

By the way, this is not a security breach. This is page caching gone rogue. Most likely not respecting Cache-Control headers.

— Steam Database (@SteamDB) December 25, 2015

Do NOT attempt to unlink PayPal, remove your credit card details or anything else. Doing so will put you at risk instead.

— Steam Database (@SteamDB) December 25, 2015

Users' personal information such as email and billing addresses, and sometimes credit card details were seen at risk. But the information is read-only and nobody would be able to perform any action on another's account.

It has warned those using PayPal, urging them to unlink their accounts. Users can do this by logging on to PayPal and going to settings and pre-approved payments under payment options.

It looks like the caching issue was resolved. We'll tweet updates if we have any. Stay safe!

— Steam Database (@SteamDB) December 25, 2015

We're very much aware that we shouldn't be the ones informing people about this, but Valve is consistently failing to do it themselves.

— Steam Database (@SteamDB) December 26, 2015