Valve Confirms: Steam User Data Safe, No Hack Compromise

Valve has firmly refuted recent reports suggesting that its Steam platform experienced a "major" data hack, confirming there was "NOT a breach" of Steam systems.

Despite concerns from some users about reports claiming over 89 million user records were compromised, Steam's thorough analysis revealed that the incident involved only a leak of "older text messages." These messages were one-time code SMSs and did not include any personal data.

In a statement posted on Steam, Valve clarified that after examining the leaked sample, it determined that customer data remained secure. "The leak consisted of older text messages that included one-time codes valid only for 15-minute time frames and the phone numbers they were sent to. The leaked data did not associate the phone numbers with a Steam account, password information, payment information, or other personal data," the company stated.

Valve further reassured users that "old text messages cannot be used to breach the security of your Steam account." They emphasized that any use of a code to change a Steam email or password via SMS triggers a confirmation sent via email and/or Steam secure messages.

Valve also took the opportunity to encourage players to enhance their account security by setting up the Steam Mobile Authenticator. This tool provides 2-factor security, which Valve describes as "the best way to send secure messages about your account and your account's safety."

Given the increasing frequency of data breaches and the fact that over 89 million users have a Steam account, the initial reports understandably caused concern. The gaming industry has seen significant security incidents in the past, such as the infamous 2011 PlayStation 3 and PlayStation Portable networks hack, which compromised 77 million accounts and led to a nearly month-long outage.

Moreover, it's not just customer data at risk. In October of the previous year, Pokémon developer Game Freak suffered a significant hack that leaked data about its former and current staff, as well as its development pipeline. In 2023, Sony confirmed that data of nearly 7,000 of its current and former employees was compromised in two breaches. Additionally, in December 2023, hackers breached confidential data at Marvel's Spider-Man developer, Insomniac.