Re: Somebody went shopping at Argos and it wasn't me
Here's the official statement - unless you made a purchase and enterted your details on Steam during the timeframe of the incident, no details, period, would have been leaked. And even then, the details would have been minimal at worst.
"On December 25th, a configuration error resulted in some users seeing Steam Store pages generated for other users. Between 11:50 PST and 13:20 PST store page requests for about 34k users, which contained sensitive personal information, may have been returned and seen by other users.
The content of these requests varied by page, but some pages included a Steam user’s billing address, the last four digits of their Steam Guard phone number, their purchase history, the last two digits of their credit card number, and/or their email address. These cached requests did not include full credit card numbers, user passwords, or enough data to allow logging in as or completing a transaction as another user.
If you did not browse a Steam Store page with your personal information (such as your account page or a checkout page) in this time frame, that information could not have been shown to another user."
My emphasis. Because that's how caching works.
Does that excuse the snafu? Nope. Does it mean it's likely Steam is the cause of your card fraud? No, to a laughable degree, no. Get the cops to actually check your local petrol station for skimming devices, rather than just asking them if they've had reports of them, because that's - worryingly - more likely to be the case.
It's also likely that they saw the Steam shenigans and thought "Hey, if we use those deets now, they'll blame in on Steam!". Or it could just be coincidence.