Cybernews reports that major video game distribution service Steam was noted by its owner Valve to not have had its systems compromised following an ad touting the theft of 89 million records.
Most of the purportedly stolen records included one-time codes that expire within 15 minutes, rendering them useless in compromising Steam data, said Valve. "We're still digging into the source of the leak, which is compounded by the fact that any SMS messages are unencrypted in transit, and routed through multiple providers on the way to your phone," noted Valve, which added that there is no need for Steam customers to replace their credentials or phone numbers following the incident. Investigation conducted by Cybernews researchers revealed that the exposed data trove only included phone numbers and one-time codes, both of which were noted by Valve to not have been associated with specific accounts, personal information, password information, and payment details.
Most of the purportedly stolen records included one-time codes that expire within 15 minutes, rendering them useless in compromising Steam data, said Valve. "We're still digging into the source of the leak, which is compounded by the fact that any SMS messages are unencrypted in transit, and routed through multiple providers on the way to your phone," noted Valve, which added that there is no need for Steam customers to replace their credentials or phone numbers following the incident. Investigation conducted by Cybernews researchers revealed that the exposed data trove only included phone numbers and one-time codes, both of which were noted by Valve to not have been associated with specific accounts, personal information, password information, and payment details.
