Valve has commented on a reported Steam information breach whereby particulars of 89 million consumer accounts had been stated to have leaked on-line. The corporate stated the reported leak didn’t breach Steam programs, however it was investigating the supply of the leak. Valve additional confirmed that the leaked information didn’t affiliate customers’ telephone numbers with a Steam account, password data, cost data or different private information. Steam customers need not change their passwords or telephone numbers because of this breach, the corporate stated.

Steam Account Knowledge Reportedly Leaked

Earlier this week, stories of a serious Steam information breach surfaced on-line after a LinkedIn user claimed to have discovered a malicious actor providing information of over 89 million Steam accounts for a price of $5,000 on a well-liked darkish net discussion board.

Based mostly on the unique declare, X consumer @MellowOnline1, who owns Steam consumer advocacy group ‘Sentinals of the Retailer’, shared an replace on the breach earlier this week, saying the leak probably originated exterior of Steam. In line with the consumer, leaked information included real-time SMS logs utilized in two-factor authentication (2FA) for Steam accounts, which might level the finger at a third-party vendor utilized by Valve.

Valve Says Steam Techniques Protected

In a post on Thursday, Valve acknowledged the leak however confirmed Steam’s programs weren’t breached.

“You could have seen stories of leaks of older textual content messages that had beforehand been despatched to Steam clients. Now we have examined the leak pattern and have decided this was NOT a breach of Steam programs,” the corporate stated.

“We’re nonetheless digging into the supply of the leak, which is compounded by the truth that any SMS messages are unencrypted in transit, and routed by a number of suppliers on the way in which to your telephone.”

As per Valve, the leak included older textual content messages consisting of one-time codes legitimate for 15-minute home windows and the telephone numbers they had been despatched to.

“The leaked information didn’t affiliate the telephone numbers with a Steam account, password data, cost data or different private information. Previous textual content messages can’t be used to breach the safety of your Steam account, and every time a code is used to alter your Steam e mail or password utilizing SMS, you’ll obtain a affirmation by way of e mail and/or Steam safe messages,” Valve assured Steam customers.

As such, customers don’t want to alter their Steam passwords or related telephone numbers. Valve, nonetheless, urged Steam customers to deal with any account safety messages that they did not explicitly request as suspicious and recurrently examine their account safety on the platform.

Valve additionally advisable customers to arrange the Steam Cellular Authenticator for a safer strategy to obtain messages about their account and its security.