Steam Data Breach: 89M Accounts Compromised

Steam Data Breach: 89M Accounts Compromised
Published Date: 15/05/2025

About 89 million Steam accounts were stolen in a major cybersecurity attack, and user data was allegedly sold for $5,000 on the black web. Israeli cybersecurity company Underdark.ai was the first to reveal the incident, identifying a hacker going by the handle “Machine1337” as the one who posted the stolen data on underground forums.

According to investigations, Valve, the business that created Steam, was not directly attacked, which is why the breach occurred. Rather, Twilio, a third-party provider of SMS-based two-factor authentication services, seems to be the source of the vulnerability. Sensitive information like phone numbers, message contents, delivery statuses, timestamps, and related metadata are among the hacked data.

There are serious hazards associated with the disclosed information, such as phishing attempts, identity theft, and illegal access to financial and personal information. Because Steam accounts frequently hold priceless digital assets, such as in-game purchases and games, the hack may cause impacted customers to suffer significant financial losses.

Experts in cybersecurity strongly advise all Steam users to take the following safety measures in light of the breach:

  • Change your passwords right away: Make sure your new password for your Steam account is both strong and distinct. Don’t use the same password on several platforms.
  • Turn on two-factor verification (2FA): To further secure your account, turn on Steam Guard or another type of two-factor authentication.
  • Track Account Activity: Check your account frequently for any fraudulent changes or transactions.
  • Watch Out for Phishing Attempts: Unsolicited communications that ask for personal information or point you to unknown websites should be avoided.

Regarding the incident, Valve has not yet released an official statement. The business has previously underlined how crucial account security is, pointing out that 77,000 Steam accounts are compromised every month, frequently as a result of customers failing to activate security safeguards.

This event emphasizes how crucial it is for businesses and individual users to have strong cybersecurity procedures. Users of Steam are advised to safeguard their accounts right away and to be on the lookout for any threats.

The news Steam Data Breach: 89M Accounts Compromised was published on Tech Bonafide.