Steam, one of the most popular gaming platforms on PC, has reportedly been hit by a major data leak, but not directly. A third-party vendor that worked with Valve may have suffered a breach. This breach has exposed the data of over 89 million users.
This leak was first highlighted by Twitter user Mellow_Online1, who pointed to a LinkedIn post by cybersecurity firm Underdark AI. According to the post, a hacker using the name Machine1337 claimed on a dark web forum that they have access to over 89 million Steam user records.
The leak is said to include usernames, passwords, and even two-factor authentication (2FA) SMS logs, message contents, and other metadata. While Valve’s servers have not been directly breached, the data reportedly comes from a third-party vendor used by Steam, likely for sending 2FA messages.
Since the vendor’s name appears in the leaked logs, it is clear that the breach happened outside Valve’s system, but it still affects a large number of Steam users.
If you use Steam, now is the time to act. You should change your Steam password immediately. If you have used the same password on other accounts, change all the passwords. Hackers often test leaked credentials on other platforms, so it is important to secure all your accounts if you have reused the same login details elsewhere. You should enable Steam Guard or two-factor authentication.
Valve has not released an official statement yet, but the scale of this leak makes it one of the biggest threats Steam users have faced recently.
