After a data leak at Steam was suspected last Friday, which made passwords and payment information accessible on the Dark net, the all-clear has now been given.
After various news outlets suspected a data leak at Valve, it now turns out that it was just useless authenticator information.
Straight Out Of A Horror Movie
Numbers, please? It was reported that 89 million user accounts were affected by this “data leak”. Names, payment information and passwords have been compromised and distributed on the dark net. This has happened to other companies and websites in the past, and there is even a way to check this: The website haveibeenpwned.com can show you whether passwords and email addresses have already been leaked to the public.
The Data Is Useless For Anyone
But in the case of Steam, we can all breathe a sigh of relief: in a report from Valve, they confirm that there must have been some data leak, but that the document in question only contains one-time verification codes that are only active for 15 minutes, as well as the telephone numbers to which they were sent. While that's not great, according to Valve, you couldn't really do much with the phone number alone.
Your Accounts Are Still Secure
According to Valve, “The leaked data did not associate the phone numbers with a Steam account, password information, payment information or other personal data and old text messages cannot be used to breach the security of your Steam account, and whenever a code is used to change your Steam email or password using SMS, you will receive a confirmation via email and/or Steam secure messages.”
Valve makes the most important thing clear at the end: It is not necessary to change your passwords quickly, because your Steam accounts are still secure.