Over the week of July 21st, users may have had their password changed on the popular gaming service, Steam.
According to Kotaku, there was an exploit that could be used to access customers Steam accounts, and all you needed was a Username. The hack in detail required a user to log onto Steam using the ‘Lost Password’ field. From here, anyone would have been able to change your password to a password of their choosing due to a security loophole which has since been shut.
“To protect users, we are resetting passwords on accounts with suspicious password changes during that period or may have otherwise been affected. Relevant users will receive an email with a new password. Once that email is received, it is recommended that users login to their account via the Steam client and set a new password.
Please note that while an account password was potentially modified during this period the password itself was not revealed. Also, if Steam Guard was enabled, the account was protected from unauthorized logins even if the password was modified.
We apologize for any inconvenience.”
Your saving grace, if you had it enabled, would have been Steam Guard. This is a service which provides the user with an extra level of authentication making this method of ‘hacking’ impossible.