In November 2011, the Steam gaming platform, in addition to user forums where gaming fans gather to discuss various gaming topics, said that intruders obtained access to its Steam database in addition to the defacing the forums. At the time, the company said the compromised database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information.
After the company continued its investigation into the incident, Steam has now come forward with more information, saying that intruders likely obtained a copy of a backup file containing information on Steam transactions that took place between 2004 and 2008. This backup file, the company says, contained user names, email addresses, encrypted billing addresses and encrypted credit card information. The file did not include Steam passwords, they said.
“We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised. However as I said in November it’s a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well,” noted Gabe Newell, Founder of Steam parent Valve Corporation, in a blog post.
“We are still investigating and working with law enforcement authorities. Some state laws require a more formal notice of this incident so some of you will get that notice, but we wanted to update everyone with this new information now,” Newell added.
Steam is a gaming platform where gamers can buy and download games and play them from any computer. The Steam service is also backed by a large gaming community on the forums, and many of them use the service to chat as they play. The services support millions of users.