Valve has sent out an email, letting Steam forum and service users know, that it has still found no evidence that the intrusion last year resulted in any data theft.
Valve boss Gabe Newell said the firm is continuing its “investigation of last year’s intrusion” with the help of outside security experts, and “no evidence that the intruders took information from that database” has been found.
“Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008,” he said. “his backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords.
“We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised. However as I said in November it’s a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well.
“We are still investigating and working with law enforcement authorities. Some state laws require a more formal notice of this incident so some of you will get that notice, but we wanted to update everyone with this new information now.”
If you still haven’t changed your password information on the service and forums, it would still be wise to do so.