Breach cyber

Valve Corporation

May 14, 2025 1 min read
Valve Corporation

Valve Corporation, the owner of Steam, faced a potential breach involving the leak of 89 million Steam user records with one-time access codes. The data was advertised for sale by a threat actor known as Machine1337. A sample of 3,000 records, containing historic SMS text messages with one-time passcodes for Steam, was examined by BleepingComputer. The incident is suspected to be a supply-chain compromise involving Twilio, a cloud communications company providing APIs for SMS and 2FA messages. Twilio denied any breach, but acknowledged investigating the situation. The data's origin is unclear, but it may come from an SMS provider intermediating communication between Twilio and Steam users. Steam users are advised to enable Steam Guard Mobile Authenticator for added security.

Source: https://www.bleepingcomputer.com/news/security/twilio-denies-breach-following-leak-of-alleged-steam-2fa-codes/

TPRM report: https://scoringcyber.rankiteo.com/company/valve-corporation

"id": "val546051425",
"linkid": "valve-corporation",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

GlobalX

public 1 min read
GlobalX, an American airline involved in the Trump administration’s deportation of illegal aliens, suffered a cyberattack on May 5,…
Jeremy C Jeremy C
Breach cyber

PrepHero

public 1 min read
A security lapse on PrepHero, a college recruiting platform, exposed millions of unencrypted records, including sensitive personal details and passport…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.