high SEVERITY
January 18, 2026
Steam API Key Exposure Detected - January 2026
Approximately ~1.8 million users potentially affected
Data Exposed:
- API keys
- Trade history
- Inventory data
- Email addresses
What Happened
A significant leak of Steam Web API keys was discovered on underground forums. Attackers are using exposed keys to initiate unauthorized trades and access account inventories.
What You Should Do
- Revoke your current API key at store.steampowered.com/dev/apikey
- Enable Steam Guard Mobile Authenticator if not already active
- Review your trade history for unauthorized transfers
- Check your inventory for missing items
- Report any losses to Steam Support immediately
Check If You Were Affected
Use GalaxyWarden to scan for your credentials in this and other breaches.
Scan My Email Free →