A bunch of Steam accounts were hacked between July 21 and July 25 due to a bug in the service's password reset feature. Valve learned about the hole on July 25 and claims it has since closed the security hole. The bug enabled hackers to reset Steam account passwords without a security code using only the account's username.
Valve says it has reset the password on affected accounts and contacted affected users.
In a statement to Kotaku, a Valve spokesperson says that the company has reset passwords on affected accounts and contacted affected users. "Relevant users will receive an email with a new password," the statement reads. "Once that email is received, it is recommended that users login to their account via the Steam client and set a new password."