A potentially serious hole in Steam's security was discovered, and patched, this past week.

The exploit allowed nefarious individuals to access any user's account with only their username, provided they didn't use the Steam Guard two-factor authentication system.

A worryingly simple breach, it involved requesting a password reset, but simply clicking continue rather than entering a verification code.

Valve has since patched the "bug," and has reset passwords on any accounts with "suspicious password changes during that period."

The online retailer also stressed in a statement that users' actual passwords were not revealed to hackers, and that if Steam Guard was enabled, accounts were "protected from unauthorised logins even if the password was modified."

If you received an unsolicited password-reset email from Steam recently, this is likely the reason - and it's probably time to activate Steam Guard, annoying though it can sometimes be.