Following an intrusion into Steam’s user forums over the weekend, unknown assailants may (key word) have gained access to certain personal details associated with Steam accounts.
While Valve stress that they “do not have evidence that encrypted credit card numbers or personally identifying information were taken,” they do admit that intruders could have gained access to user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information.
When the Steam forums return, all users will be required to reset their password, and Valve strongly recommends users change their data on other services that may have used the same password. It doesn’t look like all 30 million Steam users will prompted to change their passwords, but it might be a good idea.
“We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.”
“I am truly sorry this happened, and I apologise for the inconvenience,” Newell concluded.
Related posts:
