Valve Confirms: No Steam User Data Breach

Valve has firmly rejected recent reports suggesting that its Steam platform experienced a "major" data hack, emphasizing that there was "NOT a breach" of Steam systems.

Despite concerns from some users about reports claiming over 89 million user records were compromised, Steam's thorough investigation revealed that the leak involved only "older text messages." These messages contained one-time code SMSs but crucially did not include any personal data.

In a statement released on Steam, Valve clarified that after analyzing the leak sample, it concluded that customer data remained secure. "The leak consisted of older text messages that included one-time codes that were only valid for 15-minute time frames and the phone numbers they were sent to. The leaked data did not associate the phone numbers with a Steam account, password information, payment information, or other personal data," the company stated.

Valve further reassured users that "old text messages cannot be used to breach the security of your Steam account." They added that any use of a code to change a Steam email or password via SMS would trigger a confirmation email and/or a secure message on Steam.

Given the increasing frequency of data breaches and the fact that over 89 million users have Steam accounts, concerns about potential security compromises were understandable. The gaming industry has seen its share of significant breaches, such as the notorious 2011 incident where PlayStation 3 and PlayStation Portable networks were down for nearly a month, affecting 77 million accounts.

Moreover, it's not just customer data at risk. In October of the previous year, Pokémon developer Game Freak faced a major hack that exposed data about its staff and development pipeline. In 2023, Sony confirmed that data from nearly 7,000 current and former employees was compromised in two separate breaches. Additionally, in December 2023, hackers accessed confidential data at Marvel's Spider-Man developer, Insomniac.