Earlier in the week, Steam’s servers came under attack. In addition to their forums being hacked, it seems the servers containing users credit card information may have been compromised  as well.
Here are the facts:
The server with credit card information was compromised. They’re only saying POSSIBLE credit card theft because they don’t actually know if the data was taken.
“We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders,”
This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. How encrypted? Well, take it straight from the GabeN’s mouth:
Wait, what’s that? F-free games to make up for the leak? Well gosh, that’s swell! And each individual password was encrypted on top of that, so nobody is getting anything worth a cent out of the hack. Except us and GabeN that is…