Valve’s Steam announces plans to stop theft in Steam Trading

Popular gaming software, Steam is upping its information security game.

Valve, the Steam software developer has admitted in a post that 77,000 Steam accounts are hijacked every month.

“Account theft has been around since Steam began, but with the introduction of Steam Trading, the problem has increased twenty-fold as the number one complaint from our users,”  the post read. “Having your account stolen, and your items traded away, is a terrible experience, and we hated that it was becoming more common for our customers.”

Account hijacking can be incredibly lucrative, with some attackers pulling in thousands of cash dollars trading away other people’s goods. Steam Trading is used to trade in-game items, games and virtual cards.  Steam did not want to take the items away from the innocent users that had purchased them from thieves, so they duplicated stolen items and gave them to the aggrieved parties.  The problem is that this devalues the items, since there are now more of them to be had.

Valve realizes that they’ve inadvertently created an environment where hackers are running rampant, and they’ve announced the steps they are taking to combat it.

Valve says that they are improving account security features, closing loopholes, and improving how they contact users about at-risk accounts.  They’ve also implemented self-locking and two-factor authentication, known as Steam Guard Mobile Authenticator (two-factor authentication). However, they’re having trouble getting user’s to adopt the new measures:

“At this time, most people have not protected their account with this increased level of security. Many don’t believe that they are actually a worthwhile target for a hacker who’s out to make money. Some felt they were smart enough about security to not need two-factor authorization. And other users knew they needed it, but couldn’t use it due to reasons beyond their control, like not having access to a mobile phone. “

In order to slow thieves down, they’ve decided to require anyone losing items in a trade to have the two-factor authentication enabled for at least 7 days, and to have trade confirmations turned on.  If these requirements are not met, Steam will hold the items for 3 days before delivery, giving people a small window to stop the trade.


For information on how you can prevent your organization from being breached by using USBInformer, visit or call 714-515-4011.

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *