Steam Security Hole Closed

Valve has closed up a Steam security hole that allowed for the hijacking of user accounts with minimal effort, which caused temporary account loss for some prominent streamers and DOTA 2 pros, reports Kotaku Australia (thanks VG247). As this video demonstrates, this involved simply entering a blank in place of a required security response code, making it a trivial matter to hijack any account only by knowing a user's name. Valve says this resulted from a bug which was active between July 21-25 which has now been fixed. Here's Valve's statement on the matter:
To protect users, we are resetting passwords on accounts with suspicious password changes during that period or may have otherwise been affected. Relevant users will receive an email with a new password. Once that email is received, it is recommended that users login to their account via the Steam client and set a new password.

Please note that while an account password was potentially modified during this period the password itself was not revealed. Also, if Steam Guard was enabled, the account was protected from unauthorised logins even if the password was modified.

We apologise for any inconvenience.