Rumor: Hacker Stole Data of 89 Million Steam Accounts (UPDATED)
One of Steam's partners may have fallen victim to a hacker attack, according to Underdark AI, a company specializing in cybersecurity. They noticed a database containing information about more than 89 million user accounts from the store was put up for sale online.
According to Underdark AI, the leaked information mostly includes details from SMS messages sent to gamers during two-factor authentication and other similar data. The hacker is asking for $5,000 for it.
It is suspected that the service Twilio, which provides two-factor authentication and SMS services, might have been hacked. However, Twilio representatives stated to the media that they conducted an investigation and found no issues. In turn, Valve representatives reported that the company doesn't use Twilio at all.
Update: Valve publicly commented on the rumors. In an official statement, it is stated that Steam's systems were not hacked, and the external leak does not pose a threat to users.
“The leak consists of old text messages with one-time codes valid for only 15 minutes, and the phone numbers to which they were sent. The leaked data does not allow identifying the Steam account, password, payment information, or other personal user data by phone number. You cannot hack your Steam account using old text messages,” Valve said.