Recently, a rumor spread claiming that 89 million Steam accounts had been stolen, with user data allegedly being sold on the dark web. The advice was to change passwords immediately to prevent potential issues, such as losing entire game libraries. However, Valve has officially denied these claims, confirming that its servers were not compromised and that no warning messages were sent to Steam users.
Rumor and Clarification
The rumor was first shared by an independent journalist, @MellowOnline1, who owns the @SteamSentinels account. He also stated that the stolen data was being sold for $5,000 on a website called Mipped. Initially, the claim was that Steam accounts had been stolen. Later, @MellowOnline1 updated the information, clarifying that the theft was not directly related to Steam. Instead, it was allegedly connected to a third-party service provider called Twilio, which offers communication services.
The stolen data reportedly included SMS logs used for two-factor authentication, delivery statuses, metadata, and message routing costs. @MellowOnline1 clarified that Steam was not affected by the data breach and that its servers and databases remained secure. Therefore, users’ game libraries were not in danger.
Valve Responds
The story took another turn when Valve reached out to @MellowOnline1 to fully deny the rumors. Valve explained that it does not use Twilio’s services. @MellowOnline1 later apologized for causing alarm, stating that the information did not come directly from him but from a LinkedIn post by someone named Underdark.
He added that Steam users should still consider changing their passwords and enabling Steam Guard for extra security. The only confirmed fact was that Twilio was not the source of the data breach, though the stolen data is still reportedly available for sale on the dark web and may be used for phishing attempts.
