I think steam is a little bigger than PSN. Just change your password, problem solved. They also have that nice steam guard thing that requires you to confirm by email before you can log into steam on another PC.
There's a bunch of comments that go in-depth about the security systems Valve has here. Basically, unlike Sony, Valve actually used decent security. If you change your passwords then you're completely safe anyways.
Ring up your bank and ask them to keep watch on your card payments, most banks will do quite a lot to avoid fraud if you tell them you want the extra precautions.
The only thing that we have to be cautious about is if the hackers get access to our steam accounts, because they can really mess it up like getting it banned by VAC, or stealing it and selling it to Russians or Serbians. Valve's zero tolerance for hackers makes that a huge problem, and most of us probably have accounts worth $300 in video game purchases.
I doubt even Valve can carry on doing that if people lost their accounts due to their mistake. I did notice that Steam never seems to ask me for "verified by Visa" details, whereas every other place I've ever put my details into does. I'd feel a bit better if Steam at least asked for that.
And this is why multi factor authentication is so important and should be used for absolutely everything. Steam is atleast responsible enough to implement better checks and balances than Sony's PSN however it has to because of the proliferation of PC malware. This is why I keep all my bitcoins booby trapped and hidden under my matress.
the weakest point in security often is humans. quite hard to install systems that address such issue ...
Yeah i did that today, i only use Click&Buy for payments on Steam so there is an extra layer of security, but since Steam stores C&B login AND password i better play safe.
If you have Steamguard activated they can't use your account, even if the hackers got your login and pwd.
i thought that at first too, but if it is true that they got email adresses too, then steamguard is worthless, since they can get the key from there IF you are using the same password
If you are using the same password for everything you deserve to have your account permabanned. You wouldn't use the same key for your car & office desk... If you are using the same password for everything then you should lookup & use KeePass. Free encrypted password database that has sync to smartphone app. Multifactor wins again (something you know = steam account password, something you have = e mail account on another service)
I think that this message was sent by the hackers. They are in total control. I'll make a password so complex nobody will ever figure it out. Not even me.
or just do Correct Horse Battery Staple, difficulty to guess - hard - time to remember - you've already memorized it.
I buy all my steam crap with paypal, partly because steam doesn't like maestro cards, but also because I can run most things through paypal, which means I don't spread my details around too much.