Valve is continuing its investigation into last year's Steam hack, and has discovered that a backup file with four years of transactions was probably obtained by the hackers. A letter from Gabe Newell maintains that credit card information and passwords should be secure, but warns users to watch their credit card statements for suspicious activity.
"In my last note about this, I described how intruders had accessed our Steam database but we found no evidence that the intruders took information from that database," Newell wrote. "That is still the case.
"Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords."
The company says it still doesn't have any evidence that the encrypted credit cards or billing addresses were compromised, but Newell repeats his prior advice to keep an eye on your credit cards. "And of course keeping Steam Guard on is a good idea as well," he points out. "We are still investigating and working with law enforcement authorities."