Security of our networks and services is important for us and for you. We take it seriously. If you are a Steam user and have a security issue to report regarding your personal Steam account, please visit our Support site. This includes password problems, login issues, suspected fraud and account abuse issues.

If you have discovered a vulnerability in Steam and/or a Valve product or have a security incident to report, we encourage you to submit a report to our public security program at HackerOne - https://hackerone.com/valve. Our guidelines for responsible disclosure are also available through that program.

If the public security program is inapplicable to your situation, then you may instead send email describing the issue to security@valvesoftware.com. If you feel the need, please use our public key to encrypt your communications with us.

We believe in responsible security disclosure practices. In accordance with this we appreciate reporters privately notifying us of vulnerabilities and setting reasonable time frames for response and disclosure based on the severity of the issue. We believe this method provides the most secure environment for Steam users and the Internet at large.

We will respond as soon as we can to fix verifiable security issues. When notified of legitimate issues, we will acknowledge your report, begin investigating the issue and will work to correct any vulnerabilities quickly.