In November, online game distributor Valve revealed that hackers breached the system. In a recent follow-up statement, Valve CEO Gabe Newell says hackers probably got a hold of transaction data, which includes encrypted credit card info and billing addresses, as well as user names and email addresses.

Here’s an excerpt from the statement, published by Kotaku:

In my last note about this, I described how intruders had accessed our Steam database but we found no evidence that the intruders took information from that database. That is still the case.

Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords.

We do not have any evidence that the encrypted credit card numbers or billing addresses have been compromised. However as I said in November it’s a good idea to watch your credit card activity and statements. And of course keeping Steam Guard on is a good idea as well.

Newell says Valve is continuing to investigate and assisting authorities as they look into the matter. Although Valve doesn’t believe passwords have been compromised, it can’t hurt to change your Steam password, as well as any other sites on which you used the old password.

Valve: It’s ‘Probable’ That Hackers Obtained Old Steam Transaction Data [Kotaku]

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.