Valve founder Gabe Newell said that the Steam database, which contains customers’ personal data, had been breached. This database contains user names, hashed and salted passwords, game purchases, email addresses, billing addresses, and encrypted credit card information.
The company discovered the breach while investigating defacement of its Steam forums site on Nov. 6, Newell explained.
"We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating", Newell stressed. But he advised customers to monitor their credit scores anyway.
Newell said that users with accounts for the discussion forums will be required to change their passwords.
“We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn't be a bad idea to change that as well, especially if it is the same as your Steam forum account password”, he said.