Summary
- Steam accounts safe despite data leak on dark web.
- Leak traced back to cell phone provider’s unencrypted SMS.
- Users notified, cautioned on potential phishing risks.
As a devoted Steam user, I was alarmed when rumors circulated about 89 million accounts being breached, with sensitive data allegedly up for grabs on the dark web. Yet, in an effort to quell our concerns, Steam has issued a statement to assure us that our accounts remain secure. While they acknowledge the leak, they clarify that it primarily involves one-time codes, which were only valid for 15 minutes and the phone numbers associated with them.
Steam is looking into where the leak originated, and they believe it started with a mobile service provider. They explained that SMS messages aren’t encrypted during transmission and are often routed through numerous providers on their way to your device. However, Steam assures users that their systems haven’t been compromised, so there’s no need to change your passwords or phone numbers at this time.
Steam Users Data Potentially Being Sold On The Dark Web
A cybersecurity firm named Underdark recently shared on LinkedIn about a suspected data breach, even posting a screenshot that seems to depict an individual trying to peddle the data on the underground market of the internet (commonly known as the “dark web”).
The potential consequences are significant: Steam isn’t merely a game hosting service; it’s a vast repository of personal and financial data from users around the globe. If this security breach is confirmed, it could result in a surge of phishing attempts, unauthorized account access, and targeted attacks within the gaming community.” – Underdark.ai (Via LinkedIn.com)
Later on, Underdark clarified in his post that the data encompasses the content of messages, their delivery status, metadata, and the costs associated with routing – indicative of having back-end access to a third-party dashboard or API, rather than Steam itself.
It’s now clear that Underdark managed to secure a portion of the leaked Steam user data, as recent findings show that the leaked sample includes genuine real-time 2FA SMS logs transmitted through Twilio.
In simpler terms, “Underdark” refers to an incident where the security of Steam users might be compromised due to phishing or session hijacking through their supply chain. This could potentially lead to some spam messages being received by Steam users, as it has been verified that phone numbers were part of the data leak. However, it appears that this leak is more of a surface-level issue and may not pose a significant threat at this time.
Although it’s uncertain if this leaked data will have any consequences, Valve advises users to treat any unsolicited security messages as potentially suspicious. However, they want to assure users that their Steam accounts are secure and have not been compromised.
The leaked information does not link phone numbers to any Steam accounts, Steam passwords, payment details, or personal data. Previous text messages won’t be able to compromise your Steam account security. Additionally, whenever a code is used for changing your Steam email or password through SMS, you will receive an email and/or secure message confirmation from Steam.” (via Steam)
For enhanced safety on your Steam account, it’s advisable to configure the Steam Mobile Authenticator as suggested by Valve.
Read More
- Hollow Knight: Silksong is Cutting It Close on a 2025 Release Window
- What’s the Switch 2 Battery Life? (& How to Improve It)
- Best Settings for Stellar Blade – RTX 4060
- John Wick Director Chad Stahelski Explains His Wild Process Behind the Franchise
- The Last of Us Season 3: Why Abby’s Story is the Bold Move We Need
- One Piece Chapter 1152 DELAYED! Find Out the NEW Release Date!
- The Sims 4 Unveils Packed Roadmap for Summer 2025
- Red Dead Redemption 2 PS5, Xbox Series Update Rumored Releasing In 2025
- Hollow Knight: Silksong Steam Update Excited Fans
- preisvorhersage.com
2025-05-15 18:38