Have steam user records been leaked? Here is what you need to know

Since Saturday, claims for a data injury to the popular Gaming platform Steam, which means that more than 89 million user records are offered for sale on the dark web.

But Valve, the company that has Steam, says that the systems of the platform have not been violated.

It all started with one LinkedIn Post on May 10th from Underdark.aiWhat is described as a company offer “Cyber ​​Threat Intelligence Services.” In the post office, a “threat actor” named Machine1337, which was published in a dark web forum, said that he had injured steam systems and offered more than 89 million user records for the price of 5,000 US dollars in the USA.

In an e -mail declaration to CBC News, Valve spokesman Kaci Aitchison Boyle said that the company was “drawn to reports” that text messages had been leaked to steam users. After an examination of the leak test, she said that the valve could confirm that the leak was not due to a violation of steam systems.

“The leak consisted of older text messages that contained unique codes that were only valid for 15-minute time frames and the telephone numbers they sent,” the explanation said.

In the explanation, Aitchison Boyle said that Valve is still investigating the source of the leak, and it becomes complicated by “guiding” unimaginable in transit “and” by several providers “before it comes to the phone of a user.

“The leaked data did not link the telephone numbers with a Steam account, password information, payment information or other personal data,” says Valve's explanation. “If a code is used to change your Steam -E email or password using SMS, you will receive confirmation by e -mail and/or Steam Secure messages.”

Texts cannot be used to violate security security: valve

In an update to his original LinkedIn contribution, Underdark.ai claimed that it could be confirmed by a sample of the data sentence provided by the data seller that the seeped data contained “real time 2FA SMS protocol via Twilio”.

Dusk, A platform used by companies to get in touch with their customers via text, e -mail, chat and video with their customers said in an e -mail declaration to CBC that they could confirm that the infiltrated data does not come from them.

“There is no evidence that Twilio has been injured. We have checked a sample of the data found online and see no indication that this data has been received from Twilio,” the explanation says.

Valve's explanation said that users do not have to change their passwords or telephone numbers, but reminded them that the security reports of account security reports are suspicious that they did not explicitly requested.

Valve added that steam users regularly check their account security and set up Steam Mobile Authenticator so that they receive secure messages about their account security.