No, your steam data is not leaked, valve confirms

Valve has confirmed that your Steam password or other private information has not been leaked. On top of that, Valve noted that the leak comes from a different source than Steam and does not provide information about the steam account you need to worry about linking to your Steam account.

In a statement sent to GamesPot, a Valve representative said: “Yesterday we learned about the leak of an old text message that had been sent to Steam customers. We have checked the leak samples and determined that this is not a violation of Steam Systems.”

Security company Underdark is the first to report a so-called leak, writing on LinkedIn that information from 89 million Steam accounts is being sold on the Dark Web. However, Valve corrected that with the leak coming from the SMS service that sent temporary two-factor login code. Valve said the phone number has been leaked, but no information related to your Steam account, including those related to the phone number, has been leaked.

Valve continued to say that Steam users don't need to change their passwords or worry about this panic, but Valve will continue to investigate to determine the origin of the vulnerability. The company does recommend that users activate Steam Mobile Authenticator because it provides a safer way to verify your account compared to SMS authorization.

You can read Valve's full statement below:

“Yesterday, we realized the leak of old text messages that had been sent to Steam customers. We have checked the leak samples and determined that this is not a violation of the Steam system’s information.

We are still delving into the source of the leak, due to the fact that no SMS messages are encrypted in transit and are routed through multiple providers on the way to the phone.

The leak consists of older text messages, which include one-time codes that are valid only in a 15-minute time frame and the phone number they send to. The leaked data does not associate a phone number with a Steam account, password information, payment information or other personal data. Old text messages cannot be used to violate the security of your Steam account, and you will get confirmation via email and/or Steam Secure Messages whenever you use SMS to change the code for your Steam email or password.

From a Steam perspective, customers do not need to change their password or phone number due to this incident. This is a good reminder and it is best to treat any account security messages that you have not explicitly requested for suspiciousness as. We recommend checking you regularly Steam Account Security at any time.

We also recommend using Steam users to set up a Steam mobile validator (if not already) as it provides us with the best way to secure messages about their account and the security of that account. ”