Although Valve says there's still no evidence that the Steam hack last November compromised passwords or credit card data, it looks like the intruders may have more information than we previously believed. Director Gabe Newell has admitted that it's "probable" the hacker or hackers obtained a backup copy of a file with information about Steam transactions between 2004 and 2008, including user names, email addresses, encrypted billing addresses, and encrypted credit card information.
Newell also said that Valve is in the process of working with law enforcement and "outside security experts" to determine the full extent of the intrusion. At this point, Valve believes the encrypted data has not been compromised, and passwords were not included in the backup file, so there's no immediate threat to Steam members. However, Newell notes that keeping an eye on your credit card and using Steam Guard for security is still a good idea. As for catching whoever's responsible for the hack, we're guessing all Valve will have to do is promise to hire them.