Earlier this week, Steam's forums were breached by hackers, and while that is a nuisance, it's not as bad as the database itself getting hacked. Well it turns out in a message from Valve's Gabe Newell, that yes, indeed the database was hacked. I knew it was weird that I couldn't log into Steam the other day.
At least, unlike Sony, Valve's wisely decided to show some transparency and keep its customers in the know asap. Here's what they had to say about the compromised information and what it means:
This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.
Don't go freaking out just yet. The letter goes on to say that "we don't have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely." Further, they "do not know of any compromised Steam accounts." Because of this, a password change hasn't been deemed mandatory, but Valve advises it nonetheless.
Hopefully this doesn't get any worse and we don't have another PSN fiasco on our hands.