I hear that being said, but how? If Steam is following best practices of the last several decades, which I’m sure it does, it doesn’t have the passwords in usable form.
The seller claims this is a “fresh” leak and says it includes usernames, passwords, two-factor SMS logs, message contents, metadata, delivery status, and other sensitive details. SOURCE
Again, the panic smells rotten because Steam should not have a plaintext copy of your password, it should be hashed, and there’s just no way steam isn’t doing that.
I hear that being said, but how? If Steam is following best practices of the last several decades, which I’m sure it does, it doesn’t have the passwords in usable form.
The problem is, this “leak” did not come from Steam’s mishandling of data, but the third-party used to processes 2FA authentication.
Who shouldn’t be within a thousand feet of passwords.
Way more than just passwords, apparently.
And here’s an article saying otherwise.
https://www.vg247.com/steam-vendor-data-breach-passwords-89-million-users-dark-web
Again, the panic smells rotten because Steam should not have a plaintext copy of your password, it should be hashed, and there’s just no way steam isn’t doing that.
That’s a promising update! Thank you for posting.
Funny how even the URL of that article suggests that passwords were breached. LOL