In a message sent to Steam users by Valve bossman Gabe Newell, it was revealed that the Forum hack that took place a few days ago has led to an intrusion on Steam proper. An outside group has managed to gain access to a database that stored a number of details of Steam users.
In the message, Newell said that Valve does “not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked”. That being said, the company is still advising that everyone keep an eye on their credit card statements while Valve continue to investigate the intrusion.
Amongst the personal information accessed by hackers were: usernames, passwords, billing addresses, games lists, email addresses and encrypted credit card details. Valve has stressed that at this point in time there is no evidence of any Steam accounts having been compromised, but the potential is there.
All Steam Forum users will be prompted to reset their passwords once the forums come back online – they are currently offline to prevent any further intrusions. Because Valve believes that no Steam accounts have been accessed (Steam accounts and Steam Forum accounts are technically two different accounts) they will not be enforcing a password reset for Steam users. However, if you’ve made the rookie mistake of using the same password for your Steam account and Steam Forum account, then you should probably change both to be on the safe side.
Here’s hoping the whole of Steam doesn’t get turned off today what with, you know, Skyrim and all.