Gabe Newell has admitted it is "probable" that the hackers who recently breached security on Valve's Steam platform made off with customer data.
In an email sent to Steam users, reported by CVG, Newell reaffirms that there is no evidence that information held in the main Steam database was compromised. The company believes, however, that a backup file containing information several years old was taken.
"We continue our investigation of last year's intrusion with the help of outside security experts," Newell writes. "In my last note about this, I described how users had accessed our Steam database but we found no evidence that the intruders took information from that database. That is still the case.
"Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained usernames, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords.
"We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised … We are still investigating and working with law enforcement authorities."
Valve admitted in November that Steam had been breached by hackers. Newell recommends that users remain vigilant, keeping a watchful eye on credit card statements and making sure Steam Guard, an additional layer of security for the platform, is enabled.