https://help.steampowered.com/en/faqs/view/3B6E-B322-2400-8D24

Steam Support does not restore items that have left accounts for any reason, including trades, market transactions, deletions, or gifting.

It is your responsibility to secure your Steam account. To quickly make trades or sales on the Market, your account must be protected by a Steam Guard Mobile Authenticator. This ensures that only you are able to remove items from your account. If you can’t enable an Authenticator, Steam will hold the trade or Market sell listing for a period of 15 days so that you’ll have enough time to discover and cancel pending transactions if your account was compromised.

Steam Support does not restore lost items. Items often exchange hands multiple times before a restoration request and this means they cannot be restored without duplicating them or removing them from another innocent user’s inventory. Duplicating items has a negative impact on everyone who trades or uses the Market by lowering the value of items.

"It is your responsibility to secure your Steam account"

AFAIK my account IS secured, but still I now am missing years of collected content :(

My steam guard has given no notifications of trades, and nor would I confirm them If had seen them, whatever has happened has bypassed any 'authentication'. This is greatly worrying.

Yes I HAVE secured my acct and did so years ago my PW was changed earlier this year, I have no malware and regularly full-scan my PC for malware.

I take great steps to check my own security. And have 2FA on all my online accounts, yet this happened despite these measures.

Originally posted by Munkeh:

Yes I HAVE secured my acctand did so years ago my PW was changed earlier this year, I have no malware and regularly fill-scan my PC.

I take great steps to check my own security. And have 2FA on all my online accounts, yet this happened despite these measures.

Changing your password once years ago means nothing. You leaked your account information somewhere. Steam Guard is useless if you give the code away on a silver platter.

Instead of arguing you should follow these steps now, immediately.

Originally posted by Munkeh:

Yes I HAVE secured my acctand did so years ago my PW was changed earlier this year, I have no malware and regularly fill-scan my PC.

I take great steps to check my own security. And have 2FA on all my online accounts, yet this happened despite these measures.

Items sold for less than $1 don't require confirmation. You really need to do ALL steps in order and without fail as your account is compromised. No point in changing passwords if scammers have botted access to your account. You wont find malware if your credentials have been voluntarily phished into a malicious site.

I certainly have not leaked anything, my password was changed about 6 months prior, and probably every year or so before that, I've been on steam 12 years, an I know how to safeguard online account information.

Why is the assumption that's it's my fault. I've done everything as should be done.

Originally posted by Munkeh:

I certainly have not leaked anything, my password was changed about 6 months prior, and probably every year or so before that, I've been on steam 12 years, an I know how to safeguard online account information.

Why is the assumption that's it's my fault. I've done everything as should be done.

- yes you have
- changing passwords after your account is already shadow-hijacked is like changing your door locks with the burglars still in the house
- yes it is your fault

So what then is the point of passwords and 2FA if changing them does nothing?

Originally posted by Munkeh:

So what then is the point of passwords and 2FA if changing them does nothing?

You only need to change your password IF your account becomes compromised and that is AFTER you've relinquished access that the hijackers have through device deauthorisation. Passwords and 2FA are hopeless if you give them away to a phishing site or they are grabbed by capture-based malware.

Post #4 outlines every step required to secure the account and these must be done in order and without fail.

I do not see how just -its your fault- helps address the problem that I have now encountered, if my account is compromised, why sell my STC, the money of which is now in my account, the only person to 'gain' anything in this entire event is Steam themselves having taken a share of the unauthorised sales.

None of the repeated yelling of "it's your fault" helps me approach the matter.

The security steps recommended are all things I've engaged with, at length, over years - I have reasonably done all that can be expected of an end user, and yet here I am seeking guidance - and getting only 'blame'

Originally posted by Munkeh:

I do not see how just -its your fault- helps address the problem that I have now encountered, if my account is compromised, why sell my STC, the money of which is now in my account, the only person to 'gain' anything in this entire event is Steam themselves having taken a share of the unauthorised sales.

None of the repeated yelling of "it's your fault" helps me approach the matter.

The security steps recommended are all things I've engaged with, at length, over years - I have reasonably done all that can be expected of an end user, and yet here I am seeking guidance - and getting only 'blame'

Account security is the users responsibility and the only way to get into a Steam account is with 3 credentials including a dynamic two-factor element. There is no need to engage with any of the security steps if your account is secure and you can trust yourself. Somewhere along the lines previous you have at least once (and possibly more) allowed your credentials to be leaked which is indisputable.

The only guidance you need, you have already received and more. The last thing to add is scammed items are not returned https://help.steampowered.com/en/faqs/view/3B6E-B322-2400-8D24

Once you've done the steps in full, there is absolutely no reason to ever change your credentials ever again as long as you don't get yourself compromised again. Valve may have taken pennies from the sale but incidents like these cost them dearly with users failing to secure their accounts and inventories getting locked. Also make sure you report the recipient.

If you've lost a few cards then think yourself lucky - there's reckless users on here who have lost $500-2000 worth of items plus real money on the side.

Originally posted by J4MESOX4D:

Also make sure you report the recipient.

There are hundreds of recipients. None are, as far as I am aware, at fault.

Then that is even more sign of this being a compromised account on your end.

Steam doesn't get hacked.
Users get hijacked.

Anyone capable of hacking Steam wouldn't even think about touching your account and your cards.
They'd go for the biggest and the most famous.
And it would be all over the news.

Edward Snowden literally showed the NSA can't even hack Steam. :P
THey're working on building the quantum computer needed.