Steam has reassured users that passwords, payment details, and account credentials remain secure despite reports of 89 million SMS messages linked to accounts being sold on the dark web. The gaming platform confirmed the leaked data—mostly expired verification codes and phone numbers—posed “no risk” to account security.

In a statement, Steam clarified the breach did not stem from its systems. Instead, unencrypted SMS messages passed through third-party providers during delivery were likely compromised. The exposed codes, which expire within 15 minutes, cannot be used to access accounts or personal data, the company stressed.

“Users do not need to reset passwords or phone numbers,” Steam said, adding that email or SMS alerts are sent whenever account changes (like password updates) are made. However, it urged players to enable Steam Guard, its two-factor authentication app, for extra protection.

The leak highlights vulnerabilities in SMS-based security. Steam warned users to treat unsolicited account security requests as suspicious but emphasized its own systems remain intact.

For now, gamers can keep fragging—not fretting—over their logins.