Steam account leak - further details needed - informational

LostCorpse

LostCorpse

LostCorpse

Soldato
Joined
14 Jun 2004
Posts
7,281
so this was posted yesterday. im just highlighting for info only.
www.bleepingcomputer.com

Twilio denies breach following leak of alleged Steam 2FA codes

Twilio has denied in a statement for BleepingComputer that it was breached after a threat actor claimed to be holding over 89 million Steam user records with one-time access codes.
www.bleepingcomputer.com www.bleepingcomputer.com

but worth watching for updates to the story for any actions people might want to take.
details still being confirmed, regarding source of info ect.

"Out of abundance of caution, Steam users are recommended to enable Steam Guard Mobile Authenticator for additional security and monitor account activity for unauthorized login attempts" to be honest people should have this already
 
Last edited:
store.steampowered.com

Steam News - A note about the security of your Steam account - Steam News

The recent leak being reported did NOT breach Steam systems
store.steampowered.com store.steampowered.com

A note about the security of your Steam account
The recent leak being reported did NOT breach Steam systems
You may have seen reports of leaks of older text messages that had previously been sent to Steam customers. We have examined the leak sample and have determined this was NOT a breach of Steam systems.


We’re still digging into the source of the leak, which is compounded by the fact that any SMS messages are unencrypted in transit, and routed through multiple providers on the way to your phone.


The leak consisted of older text messages that included one-time codes that were only valid for 15-minute time frames and the phone numbers they were sent to. The leaked data did not associate the phone numbers with a Steam account, password information, payment information or other personal data. Old text messages cannot be used to breach the security of your Steam account, and whenever a code is used to change your Steam email or password using SMS, you will receive a confirmation via email and/or Steam secure messages.



You do not need to change your passwords or phone numbers as a result of this event. It is a good reminder to treat any account security messages that you have not explicitly requested as suspicious. We recommend regularly checking your Steam account security at any time at

store.steampowered.com

Sign In

store.steampowered.com store.steampowered.com


We also recommend setting up the Steam Mobile Authenticator if you haven’t already, as it gives us the best way to send secure messages about your account and your account’s safety.
 
You must log in or register to reply here.
Back
Top Bottom