Steam transaction records potentially compromised in November hack

Through its investigation of last November's Steam security hack, Valve has discovered that intruders may have gained access to a backup copy of Steam transaction information ranging from 2004 to 2008. The data contained in this file included user names, email addresses, encrypted billing addresses and encrypted credit card information, though Steam account passwords were not part of this database. In an email sent to the press and Steam users, Valve head Gabe Newell reassured the community that Valve has found no concrete evidence to suggest the intruders actually obtained this information. "In my last note about this, I described how intruders had accessed our Steam database but we found no evidence that the intruders took information from that database. That is still the case," he wrote. He added that Valve has no further evidence to show that credit card or billing addresses have been compromised. He did, however, encourage users to pay close attention to their credit card statements, and to enable the Steam security feature Steam Guard. Sony, of course, saw a similar security breach last year, when intruders extracted personal account information, affecting numerous PlayStation Network users.