Steam hasn't actually been hacked

A recent attempt to pass off the fake Steam data leak as real quickly failed. But the situation itself is a wake-up call: protecting digital accounts is more important than ever.

An anonymous LinkedIn user posted about an allegedly leaked database of 89 million Steam accounts. The leak allegedly included one-time two-factor authentication codes, phone numbers, and timestamps. The price tag is $5,000. For a leak of this magnitude, that’s suspiciously cheap. And, as it turned out, not for nothing: the “leak” turned out to be faked.

Fake scoop from a dubious AI company

The representatives of a little-known company called Underdark AI were the first to announce the leak. They pointed out that the data was being sold by some hacker under the pseudonym Machine1337. The information was allegedly posted on one of the darknet forums.

But when they first analyzed the data, they noticed some oddities. The sample data contained old SMS messages without logins, account IDs or any related meta-information. Some strings were repeated, and timestamps had no logical sequence. This all pointed to a hodgepodge of previously merged and irrelevant data.

All of this pointed to a hodgepodge of previously merged and irrelevant data.

Valve, the company that owns Steam, has not released an official statement about the hack. And Twilio, the cloud communications provider mentioned in the rumors, has categorically denied any involvement. What’s more, Steam doesn’t use Twilio to send codes at all.

Why it still matters: accounts at risk

Although the “leak” turned out to be fake, the incident is a reminder: cyber threats are real, and protecting accounts is everyone’s job.

Many Steam accounts can be worth thousands of rubles or even dollars. Losing such an account is not just a nuisance, it’s real damage.

Two-factor authentication (2FA) is a strong way to increase security. The best way to use apps that generate codes right on your device is to:

Steam Guard
Apple Passwords (built in iOS, iPadOS and macOS)
Google Authenticator
Authy

SMS codes work too, but they’re vulnerable to attacks via SIM spoofing and phishing. If you’re still using SMS to log in, it’s time to switch to a more secure option.

SMS codes work too, but they’re vulnerable to SIM spoofing and phishing attacks.

How to protect your account: A short checklist

Include 2FA wherever possible.
Use code generators, not SMS.
Do not repeat passwords on different sites.
Store passwords in a secure password manager.
Enable login notifications.

The current “hack” turned out to be false, but the next one could be real. Make sure your accounts are protected beforehand.

Microsoft will lay off 3% of its employees

Xiaomi unveiled a floor air conditioner with HyperOS, quick cleaning and instant cooling

More in:Services

75% of VKontakte users customize privacy

Yandex Search now has a reasoning mode and content generation with the help of Alice

Alice on YandexGPT 5 Lite became available to all users without subscription

Yandex introduced Search Verticals for selecting goods and services

News

Samsung is preparing new low-cost Galaxy Buds Core earbuds with a record battery life

iQOO Z10 Lite: new name, familiar face and possible rebranding

Racer Fernando Alonso appeared in the teaser of the Realme GT 7

Rumors about the Nvidia RTX 5080 Super have surfaced

Realme Neo 7 Turbo smartphone specs leaked online

About ForGeeks.pro

ForGeeks.pro

Search

Fake scoop from a dubious AI company

Why it still matters: accounts at risk

How to protect your account: A short checklist

Share

You may also like

More in:Services

News

Latest Posts