The findings, presented at Kaspersky’s Cyber Security Weekend in Da Nang, revealed that 5.7 million Steam accounts were compromised by infostealer malware, while another 6.2 million accounts tied to other global platforms such as Epic Games Store, Battle.net, Ubisoft Connect, GOG, and EA app were also exposed.

Analysis of leaked Steam credentials associated with Asia-Pacific (APAC) countries showed Thailand topping the list with nearly 163,000 compromised accounts, followed by the Philippines with 93,000. Vietnam ranked third with almost 88,000. By contrast, the lowest figures were recorded in China (19,000), Sri Lanka (11,000), and Singapore (4,000).

With close to 1.8 billion players, APAC has become the world’s gaming hub. The region’s rapid digital adoption, youth-driven demand, and widespread mobile access have fueled growth in both casual and competitive gaming, making it an attractive target for cybercriminals.

“Cybercriminals often release stolen log files months or even years after the original compromise,” said Polina Tretyak, a Digital Footprint Intelligence Analyst at Kaspersky. “Even credentials stolen years ago can resurface on dark web forums, contributing to a growing pool of leaked information. The actual number of compromised gaming accounts is likely much higher than what is immediately visible.”

Tretyak advised gamers to update passwords regularly, avoid reusing them across platforms, and run malware scans if compromise is suspected.

Businesses may also be at risk. Kaspersky found that 7% of leaked accounts from services such as Netflix, Roblox, and Discord had been registered with corporate email addresses.

Tretyak warned that if corporate emails are exposed, attackers could use them for phishing, malware installation, or brute-force attacks. Simple, predictable passwords such as “Word2025!” could be cracked in an hour or less, potentially giving criminals access to sensitive company systems.

Infostealers are often disguised as cracked games, cheat tools, or unofficial mods. Once installed, they can harvest account passwords, cryptocurrency wallet details, credit card numbers, and browser cookies. Stolen data is then traded or shared on darknet platforms, where it may be used for further cyberattacks.

These threats are particularly dangerous in hybrid and bring-your-own-device (BYOD) environments, common across APAC, where personal and work-related activities often coexist on the same device.

Kaspersky recommends that individuals facing a data leak should run full security scans, remove detected malware immediately, change all compromised passwords, and monitor affected accounts for suspicious activity. Companies are advised to proactively monitor dark web markets to detect compromised accounts before they pose risks to employees or customers.

Kaspersky willing to share cyber security solutions with Vietnam

Stephan Neumeier, Managing Director of Russia’s Kaspersky Lab Asia Pacific, said the company is willing to share its experience and security solutions to help protect Vietnam from cyber attacks.