Valve closes Steam password reset security hole

Some Steam accounts were stolen during the period from July 21 to July 25 due to a security flaw in the service's password reset procedure, Kotaku reports. The hole, which Valve learned of on July 25, allowed an attacker to reset a Steam account's password without a security code using only the account's name. Valve claims it has since closed the security hole.

This YouTube video shows how the attack worked. This user then ...

Read more...