Alarming reports have emerged claiming that hackers are offering data from approximately 89 million Steam user accounts for sale. The listing appeared on dark web platforms and reportedly carries a price tag of $5000 for the full dataset.

Early theories suggested that the breach originated within Valve’s own infrastructure. However, updated information points to a different scenario — one involving a compromise through a third-party vendor linked to Steam. This method aligns with known supply chain attacks, where threat actors exploit external services with weaker cybersecurity.

Image: x.com Image: x.com

While Valve has not officially confirmed the incident, sources indicate that the company is actively investigating the matter internally. They also stress that there's no clear evidence of a direct breach involving core systems or authentication providers like Twilio.

Until Valve releases an official statement, it’s recommended that all users take precautionary steps: reset passwords, review account activity, and enable two-factor authentication. Even if the breach didn't stem from Valve itself, the scale of the potential exposure is significant and warrants immediate user attention.

Main image: x.com

Comment on this