Dota 2's official forums were reportedly hacked on July 10, with nearly 2 million records accessed. These include email addresses, usernames and passwords, and IP addresses, according to leak notification site Leaked Source.
According to that site, passwords on the vBulletin forum "were stored using MD5 hashing and a salt". MD5 hashing is widely considered an outdated and ineffective form of data protection, and according to Leaked Source, over 80% of the hacked passwords can be converted to their plaintext value.
Leaked Source lists the different email hosts that have been compromised, with Google a huge majority at 1,086,139. "A lot" of those are disposable email addresses, but the report doesn't specify how many. Whatever the case, if you use the forums, it's probably best to change your password, and to then check whether you're listed on the Leaked Source website.
Valve has yet to comment, but we'll reach out. Cheers to ZDnet for the heads up.