Last November, Valve revealed that hackers gained access to sensitive Steam user information, including user names, billing addresses, and encrypted credit card information. Via a message from company founder Gabe Newell, the Valve informed users of the security breach but added, "We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked."

Nearly three months later Valve is still attempting to assess the damage, which, according to a second message from Newell received by Steam Users today, was more extensive than originally thought. "Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords." writes Newell.