A recent data breach has reportedly affected users of Steam, Valve’s wildly popular online gaming store and distribution platform.Â
The origin of the breach has not yet been confirmed, and Valve did not immediately respond to CNET’s request for comment. First reported by Underdark, a cybersecurity company, on LinkedIn, the information of 89 million Steam accounts popped up for sale on the dark web. The data allegedly includes users’ one-time passwords and phone numbers. The threat actor says it’s auctioning off this information for $5,000.
According to Steam’s stats page, more than 30 million concurrent Steam users were online at the time of this writing.
If you have a Steam account, you should change your password now to keep your game library — and financial information — secure. Here are some additional ways to protect your account.
How to protect your Steam account
The first thing every Steam account holder should do right now is change their password. At the very least, this will help secure your account.
If you want to take it a step further, you can use a password manager to create complex passwords and store them for you.Â
Next, enable two-factor authentication with your phone number and email. 2FA is an easy step that will make it much more difficult for unauthorized users to access your account. Steam doesn’t support the use of hardware security keys, which can offer another level of protection, so its in-house 2FA is going to be your best bet to protect your account.
If you already have 2FA enabled, be sure to check your email for any suspicious activity linked to your Steam account.Â
If you’ve recently received any one-time password text messages that you did not request, ignore them and change your password again. In the coming weeks, keep an eye out for any phishing attempts disguised as game product offers or other Steam-related content.
Protect your personal data and get peace of mind with CNET’s top pick for identity theft software.
Details
