It wasn’t.
If you’ve been on the internet today and hang around stupid people prone to panic on various Discords, you’ve probably been made aware of a big Steam leak affecting all 89 million users, and you should change your password right now before we get hit with a terrorist attack or something.
It didn’t happen. There were some SMS messages leaked but they didn’t come from Steam servers nor were they a result of someone breaching Steam security.
Thankfully Valve have addressed the claim directly in a Steam news post. The maker of Steam is investigating to see if they can track down the source of the leak, something they admit is difficult because of how many hands are involved and how unencrypted those messages are.
But rest assured your Steam info isn’t about to end up in the hands of some Saudi prince or more likely a dweeb in Buffalo who is going to sell your trading cards to buy all the femboy dating sim games on Steam with the wallet currency.
The leak consisted of older text messages that included one-time codes that were only valid for 15-minute time frames and the phone numbers they were sent to. The leaked data did not associate the phone numbers with a Steam account, password information, payment information or other personal data. Old text messages cannot be used to breach the security of your Steam account, and whenever a code is used to change your Steam email or password using SMS, you will receive a confirmation via email and/or Steam secure messages.
But seriously, activate your multi-factor authenticator if you don’t have it already.
MMO Fallout 