Hacker advertises alleged database of 89 million Steam 2FA codes, source of leak unknown

10 hours ago 6

(Image credit: Steam)

EnergyWeaponUser advertised a new archive on the dark web
They claim it holds phone numbers and OTP codes for Steam
Some researchers claim the archive came from Twilio, but the company denied having been breached

EnergyWeaponUser, a known cybercriminal and leaker, is selling a new database which, they claim, holds more than 89 million Steam user records, phone numbers, and one-time access codes.

Steam is a digital games distribution platform developed by Valve. It has more than 130 million monthly active users, which use the platform to buy, download, and play computer games.

Recently, a new thread in an underground forum appeared where the hacker offered the database for $5,000. BleepingComputer was among those who analyzed the records, and claims it holds “historic SMS text message with one-time passcodes for Steam, including the recipient’s phone number”.

Was it Twilio?

However, it is unclear where EnergyWeaponUser picked the archives up. Valve is being silent for the moment. An independent games journalist MellowOnline1 believes the theft is the result of a supply chain attack, with Twilio being the most likely victim.

Twilio is a cloud communications platform that allows devs to integrate different messaging, voice, and video features. Among other things, it provides SMS and MMS messaging, which many companies use for one-time passcodes and 2FA.

However, the company told BleepingComputer that it investigated the claims and found no evidence of compromise.

"There is no evidence to suggest that Twilio was breached,” a spokesperson for the company told the publication. “We have reviewed a sampling of the data found online, and see no indication that this data was obtained from Twilio."

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Another possible explanation is that an intermediary SMS provider could have been breached. At press time, the actual victim was not yet confirmed. EnergyWeaponUser’s claims could not be verified at this time. However, the leaker is rather infamous, as they were previously linked with Cisco, Ford, and HPE breaches.

Steam is warning users to enable Steam Guard Mobile Authenticator and keep an eye on account activity.

Via BleepingComputer

Ford says it is investigating claims thousands of workers have had data leaked online
Take a look at our guide to the best authenticator app
We've rounded up the best password managers

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read Entire Article