The breach follows a wave of attacks on Sony's gaming systems earlier this year, and could have serious consequences for subscribers.
“Our Steam forums were defaced on 6 November. We began investigating and found that the intrusion goes beyond the Steam forums,” parent company Valve said in an message sent to users.
“Intruders obtained access to a Steam database [that] contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We are still investigating.
“We don't have evidence of credit card misuse at this time. Nonetheless, you should watch your credit card activity and statements closely.”
The company didn't disclose how many of its 35 million members might be affected by the breach, but insisted forum users should change passwords and protect other accounts.
“While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well," the company said.
This article originally appeared at pcpro.co.uk