Earlier this week, Steam forums were taken down due to an attack. Besides their forum security being compromised, Steam’s database containing user information was also breached. While the intruder(s) did get access to the server containing user credit cards and user information, Valve says it’s possible that Credit Card information was stolen but there’s no proof confirming yet. Regardless, Gabe Newell of Valve confirmed that the passwords in the database were hashed and salted and the credit card info, encrypted.
In an e-mail response, Gabe Newell says the information was encrypted using AES256 (for those who don’t know, it’s impossible, if not extremely difficult for this encryption to be broken). Moving on, Valve will compensate users with free copies of Portal 2 and DOTA 2. To quote Gabe, “soon”.
Update: The announcement was a fake e-mail.