A few days back Steam had a security breach due to an internal “configuration change.”
After placing a game in their cart and heading over to check out, some users were understandably startled to see that Steam had mistakenly autofilled information for random strangers. This information included partial credit card numbers, addresses, partial phone numbers, and more. A number of these users took to the internet to document the error.
The problem was only active for about an hour, though it’s worth mentioing that it took place during Steam’s annual Holiday Sale; a period of time when a lot of users are logged in and purchasing games. (The sale is still going now.)
Valve responded to an email from The Verge to confirm that they knew about the breach, but that everything was back in working order. They went on to add, “We believe no unauthorized actions were allowed on accounts beyond the viewing of cached page information and no additional action is required by users.”
In any case, you may want to keep an eye on your credit card statements for a couple of weeks.