close
close
Time to change your steam password? Data from over 89 million accounts have reported on the dark web

Time to change your steam password? Data from over 89 million accounts have reported on the dark web

by

Update:
 No, it sounds like it is okay. Here is a statement that we received from Valve:

Yesterday we were drawn to reports on Leck's older text messages that had previously been sent to Steam customers. We examined the leak test and found that this is not a violation of steam systems.

We still dig into the source of the leak, which is reinforced by the fact that SMS messages are unencrypted during the transit and are led by several providers on the way to your phone.

The leak consisted of older text messages that contained unique codes that were only valid for 15-minute time frames and the telephone numbers they sent. The telephone numbers have not linked the leaked data with a Steam account, password information, payment information or other personal data. Old text messages cannot be used to violate the security of your Steam account. Whenever a code is used to change your Steam -E email or password using SMS, you will receive confirmation by e -mail and/or Steam Secure messages.

From the steam's point of view, customers do not have to change their passwords or telephone numbers due to this event.

The original article continues below.

Details of 89 million Steam accounts were reportedly offered for sale on the dark web. Since the committed Tech team from RPS has just informed me that the dark web is not what you get when you get “Incognito Tab” and may be much more frightening than that may want to be considered to change your password. Or maybe not. As I said, everything is said at this point.

The messages come from a LinkedIn contribution by user Uzdark.ai, which is listed as a “computer and network security” page, as reported by our network chums under VG247. From the post:

Today, a threat actor published by Machine1337 in a well-known Dark web forum who claims to have violated steam and offers a data record of over 89 million user records for $ 5,000. The contribution contains:

  • A telegram contact for purchase
  • A link to sample data hosted in Gofile
  • Mounting of internal provider data that indicate deeper access

You later updated the post with the following:

After our first post in the alleged steam data injury (89 m+ user), new evidence confirms that a leaked sample contains real-time 2FA SMS protocols that have been guided via Twilio.

The data does not directly include news content, delivery status, metadata and routing costs – as suggests access to a provider dashboard or an API.

This increases a compromise of the supply chain, which endangers the safety of the user by phishing or hijacking.

X User Mellow_online, which shared the messages on this platform, says that they were contacted by a valve representative who “explained that they did not use Trillio [sic]The data protection company mentioned in the LinkedIn post.

Data security is very far away from my steering house – I still think that it is funny to say “in” in a hacker voice when a website is a little slower – so I will not add any additional comment (although I asked Valve for one). Do what you want with this information!

Leave a Comment