Steam users are being advised to consider changing their passwords. A report has indicated that hackers may have leaked the details of 89 million Steam accounts, which are now up for sale on the dark web. If this report is accurate, a large number of user accounts could be at risk. Compromised accounts may even lead to users losing access to their collection of PC games.

The information about the potential sale comes from a LinkedIn post by Underdark AI, which referenced a post on a black market forum by a user named Machine1337. This post is allegedly offering 89 million Steam account details for $5,000. If these details are obtained, accounts without two-factor authentication or those with unchanged passwords could be accessed. Additionally, the information could be used to send phishing messages. The potential situation was noted in a post shared on the social media platform X (formerly Twitter) by the user MellowOnline1.
In the X post, the user shared details about the alleged Steam data breach and advised users on how to keep their accounts safe. The user wrote: “Yesterday, an alleged major @Steam data breach occurred, compromising over 89 million user records (roughly two-thirds of all Steam accounts). These datasets are being sold for over $5,000 on what appears to be a site akin to Mipped.
Mipped alongside their sister sites is a forum site we at @SteamSentinels have warned Steam about for years for instances of developer blackmailing, review manipulation, greenlight boosting, and other dodgy activities, but as of yet, Steam hasn't tried to take action against the site.
https://techraptor.net/gaming/news/shady-russian-market-for-asset-flip-games-uncovered
https://steamcommunity.com/groups/Sentinels_of_the_Store/announcements/detail/4222762959836264571
This inaction has ultimately led to the selling of tens of millions of user account details.
✅ Enable two-factor authentication
✅ Monitor your email for suspicious activity
✅ Change your Steam password (and others, if reused)
✅ Beware of phishing attempts disguised as game promotions or support messages
✅ Join Sentinels of the Store to stay in the know!”
In the same thread, the user also noted: “An update suggests that the alleged Steam data breach is not a direct breach of Steam itself, but rather a supply chain compromise — meaning an external service that Steam relies on was targeted.
Here's what we understand from this update:
New evidence confirms some real data is involved: A sample of the leaked data includes real-time SMS logs, which are used in two-factor authentication (2FA).
Twilio is the vendor named: Twilio is a company that provides communication services, like sending 2FA codes via SMS. Steam uses (or used) Twilio for this.
Leaked info includes:
Message contents (e.g., the 2FA codes)
Delivery status (e.g., sent, delivered, failed)
Metadata (timestamps, recipient numbers, etc.)
Routing costs (how much it costs to send each message)
The implication means that the alleged Mipped seller has backend access to Twilio: The nature of the data suggests the attackers had access to Twilio's systems, likely through a compromised Twilio user account or API key or direct access to Twilio's backend dashboard.
Not a direct hack of Steam itself: Steam’s internal servers or databases don’t appear to be breached. But because they rely on Twilio for sending 2FA codes, this affects their users too.
Why it’s dangerous:
Phishing: Hackers could use the info to send fake but convincing messages to users.
Session hijacking: If attackers can intercept or replay 2FA codes, they might bypass login protection.”
— Mellow_Online1 (@MellowOnline1) May 11, 2025
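The replay risk named in the quoted thread, seen from the side of a service that verifies SMS codes; this is an added example, not code from the article, the quoted posts, Steam or Twilio. The class name `OtpVerifier`, the `login_id` key, the 300-second lifetime and the five-guess limit are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

OTP_TTL_SECONDS = 300  # assumed code lifetime
MAX_ATTEMPTS = 5       # assumed guess limit per issued code
def _digest(salt, code):
    return hashlib.sha256(salt + code.encode()).digest()

class OtpVerifier:
    """One-time codes bound to a login attempt; only a salted hash is stored."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # login_id -> [salt, digest, expires_at, attempts_left]

    def issue(self, login_id):
        code = f"{secrets.randbelow(10**6):06d}"  # the caller sends this by SMS
        salt = secrets.token_bytes(16)
        expires_at = self._clock() + OTP_TTL_SECONDS
        self._pending[login_id] = [salt, _digest(salt, code), expires_at, MAX_ATTEMPTS]
        return code

    def verify(self, login_id, code):
        entry = self._pending.get(login_id)
        if entry is None:
            return False                 # nothing pending, or code already consumed
        salt, digest, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[login_id]  # expired, or guess budget exhausted
            return False
        entry[3] -= 1
        if hmac.compare_digest(digest, _digest(salt, code)):
            del self._pending[login_id]  # single use: consume on success
            return True
        return False

def replay_demo():
    """Constructed scenario: codes copied from an SMS log are replayed later."""
    now = [1_000_000.0]                  # constructed clock value
    verifier = OtpVerifier(clock=lambda: now[0])
    code = verifier.issue("login-A")
    first = verifier.verify("login-A", code)   # the account owner submits it
    replay = verifier.verify("login-A", code)  # same code replayed afterwards
    stale = verifier.issue("login-B")
    now[0] += OTP_TTL_SECONDS + 1
    expired = verifier.verify("login-B", stale)  # unused code found in an old log
    return first, replay, expired
```

Single use and expiry only address codes replayed from stored logs; a code read from the SMS path before its owner submits it still verifies.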