A security breach is being blamed for the leak of the HL2 source code which started with an unnamed individual reportedly gaining access to Gabe's own personal email account and workstation.... -Keldyn
As quoted by Gabe Newell:
"Yes, the source code that has been posted is the HL-2 source code...
Ever have one of those weeks? This has just not been the best couple of days for me or for Valve.
Yes, the source code that has been posted is the HL-2 source code....
Here is what we know:
1) Starting around 9/11 of this year, someone other than me was accessing my email account. This has been determined by looking at traffic on our email server versus my travel schedule.
2) Shortly after-wards my machine started acting weird (right-clicking on executables would crash explorer). I was unable to find a virus or Trojan on my machine, I reformatted my hard drive, and reinstalled.
3) For the next week, there appears to have been suspicious activity on my webmail account.
4) Around 9/19 someone made a copy of the HL-2 source tree.
5) At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook's preview pane. This recorder is apparently a customized version of Remote-Anywhere created to infect Valve (at least it hasn't been seen anywhere else, and isn't detected by normal virus scanning tools).
6) Periodically for the last year we've been the subject of a variety of denial of service attacks targeted at our web servers and at Steam. We don't know if these are related or independent.
News source: 3dnewz