Valve has dismissed recent reports its Steam platform suffered a “major” data hack, confirming there was “NOT a breach” of Steam systems.
While some users were concerned about reports that over 89 million user records were compromised, Steam’s own analysis determined that while there has been a leak of “older text messages,” those one-time code SMSs did not include any personal data.
In a statement posted to Steam, Valve said that after examining the leak sample, it has determined customer data has not been compromised, saying: “The leak consisted of older text messages that included one-time codes that were only valid for 15-minute time frames and the phone numbers they were sent to. The leaked data did not associate the phone numbers with a Steam account, password information, payment information or other personal data.”
“Old text messages cannot be used to breach the security of your Steam account, and whenever a code is used to change your Steam email or password using SMS, you will receive a confirmation via email and/or Steam secure messages,” the company added.
Valve did, however, take the opportunity to remind players to set up the Steam Mobile Authenticator to provide 2-factor security as it is “the best way to send secure messages about your account and your account’s safety.”
Given the prolific rise in data breaches and the fact that over 89 million of us have a Steam account, users had good reason to be worried about a possible security compromise. The most infamous video game-related data breach occurred in 2011 when PlayStation 3 and PlayStation Portable networks suffered a severe outage lasting nearly a month, with 77 million accounts compromised as a result of the hack.
And it’s not just customer data that’s at risk. Just last October, Pokémon developer Game Freak suffered a significant hack where data about its former and current staff was leaked, as well as its development pipeline. One year previous in 2023, Sony also confirmed data of nearly 7,000 of its current and former employees had been compromised in two breaches that year, and in December 2023, hackers breached confidential data at Marvel’s Spider-Man developer, Insomniac.
Vikki Blake is a reporter, critic, columnist, and consultant. She’s also a Guardian, Spartan, Silent Hillian, Legend, and perpetually High Chaos. Find her at BlueSky.
