Also, Create a new email from a new device and set up a password that's random combination of letters and numbers, including capital and small letters. Make sure it's at least 12 character long. Copy that password to your google drive. Set this email as your backup email account if you you are not able to change your email in steam. Now, you go back to the steam account you have set up. In its email, you enable the two way verification (if it's there, it should be there). It should be in settings-account-security or something alike. You should also tick in the rest if the security features after you give them a read. Nothing much to worry about. (If you do it right, that is) 1-use new device to set up new security measure and change login details. 2-reinstall software/windows of your old device before using it to access any of your accounts, 3-Make sure your accounts have proper security measures installed including back up emails with different passwords that are random. You can write that password on a paper and hide it in your wallet, but where you write your password, don't write your username. So even if someone sees a random string of letters and numbers, it will do him no good.
don't forget re install your windows on PC try recall what kind of weird thing you have put into your PC/laptop~ or there probability if you use laptop for your work and somehow your co worker transfer data you get da hidden gift and your co worker also dunno about it~ based on my personal experience~ as for phone have no idea~ and make sure back up your work data oh you did hah too late I guess
@Tramsloof I did everything you said. For now things don't look bad. I had changed every password that I'm using.
Change your password, and if possible, also change your email (the one you have given to steam). Have you given your device to someone recently without any supervision? Or perhaps you have clicked on some email from steam previously, asking you to login again for some reason or another? So if you have handed your device to someone without supervision, you should reinstall your windows to be on the safe side. Because, the problem is, they not only have your password but also your username/name. This means that your device may be compromised, and if that's true, then using it to login anywhere is just handing them the details. I am guessing you used the same device to access the email account too. For now, here's what you do... Use a new device, and not your own for the time being. And change your email and password through that device, so if your device is indeed infected/compromised, you can still secure your account nonetheless. Then, you install a fresh windows in your own device before trying to login in from there.
@Mnotia At first I thought it was number 3, so I tried to find my old phones and none of them even have battery
Theres a small amount of possibilities: You got hacked and now you're fucked Someone saw you're info You left a device somewhere that had you're info already logged in Someone found you're password