Valve has informed users that when hackers breached Steam's security last year, they were able to access four years worth of transaction logs. However, while have still found no evidence that credit card information or billing addresses were compromised by the hackers.
In an open letter to all users of Steam, Valve's boss Gabe Newell said "Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008. This backup file contained user names, email addresses, encrypted billing addresses and encrypted credit card information. It did not include Steam passwords."
Newell again reiterated though, that users should keep a close eye on their credit card statements just in case their information has been accessed.