In the middle of Steam's winter sale, roughly 34,000 users had personal information exposed to other users. The breach was unusual. According to Valve, a partner tried to counter a denial-of-service attack by deploying new caching rules, hoping to distinguish the malicious traffic from normal customer traffic. For many users, the change accidentally loaded a different person's information when attempting to sign into a Steam account.

Users couldn't make purchases or access credit card information on the other person's account, but they could see details like the person's e-mail address, purchase history, and billing addresses. Valve promised to notify anyone who had been affected with an explanation of the breach. That e-mail has finally been sent.

"We’re sorry this happened," says the communication from Valve, "and have taken steps to prevent this problem from occurring in the future." Let's hope so. Fearing your account has been hacked on Christmas Day is a gift nobody wants.

We've included the full e-mail, below.