Data of 89 million gamers goes on the Darknet
Hackers offer data from 89 million Steam users for sale. SMS logs with 2FA codes could be affected. Experts suspect a gap from a third party. Valve is silent, but recommends additional safety measures for user accounts.
Data from 89 million Steam users captured
While Steam usually draws attention to himself because of his several sales or curious games like Bongo Cat, a contaminated game demonstration recently made headlines. Now there is also another worrying report. A cyber criminal with the alias Machine1337 just claims to be in possession of data of more than 89 million Steam users.
In a Darknet forum, the hacker offers this information for $ 5,000 for sale. The supposedly stolen data should be historical SMS messages with one-off pass codes for two-factor authentication (2FA) and the associated telephone numbers.
Where does the data come from?
Theft could be the result of a supply chain attack, with Twilio is the most likely victim. Twilio is a cloud communication platform that enables developers to integrate various messaging, language and video functions. Like the independent game journalist Mellow_online1 reports on X, technical evidence in the leaked data indicates real-time SMS protocol entries from Twilios Backend systems. The journalist suspects a compromised admin account or the abuse of API keys.
Many companies, including Steam, use Twilio to send SMS messages for two-factor authentication. However, the Twilio itself rejects any responsibility. In a statement, a spokesman for the company said: “There is no evidence that Twilio was compromised. We have checked a sample of the data found on the Internet and see no signs that this data comes from Twilio.”
Situation still unclear
Another possible explanation would be that a mediator SMS provider was hacked. At the moment, the actual victim has not yet been confirmed. The hacker’s claims have so far not been fully verified. However, the leaker is quite notorious because it has already been associated with data leaks at Cisco, Ford and HPE.
It is particularly worrying that part of the supposedly stolen data is relatively new. Delivery data that dates from the beginning of March 2025 were found in the leaked files that contain 3,000 data records. The compromised information apparently not only includes telephone numbers and 2FA codes, but also metadata, delivery status and other details.
Valve is silent while users are concerned
Steam operator Valve has not yet responded to inquiries. The platform is considered to be relatively safe and has over 120 million monthly active users. However, a data leak of this extent could have serious consequences, especially if attackers were able to use the stolen information for phishing attacks or to avoid two-factor authentication.
Steam generally recommends that users activate the Steam Guard Mobile Authenticator and keep an eye on the account activities. The Steam Guard Mobile Authenticator offers an additional security level by generating a unique code that needs to be entered with every login. This makes it much more difficult for attackers to access foreign accounts, even if they have username and password.
This is how users protect their steam account
At the moment, the current threat situation is still quite unclear. If you still want to be on the safe side, you can protect your own Steam account with the following measures:
- Activate the Steam Guard Mobile Authenticator via the official Steam app on the smartphone
- Use of a strong, unique password for the Steam account
- Regular renewal of the password, especially reports on data leaks
- Regular review of the account activities for suspicious processes
- Removal of payment information from the account if they are not used actively
