All your Twitch data is safe following hack – at least for now
Gaming streaming platform Twitch has moved to reassure its users that their personal information and data is safe following a huge leak affecting the company.
In a blog post, the company outlined what it knows about the “Twitch Security Incident” that reportedly saw all its internal source code and data leaked online.
And despite earlier worries, Twitch has reassured users that their personally identifiable information (PII) was not affected by the hack, meaning details such as names, addresses and credit card information are all safe – although there are still fears that the hacker could have this information in their possession.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Some Twitch users have reported being asked to change their passwords for the service, but the company has not issued a blanket request to do so just yet.
Part two?
“We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party,” the Twitch blog post read. “Our teams are working with urgency to investigate the incident.”
“As the investigation is ongoing, we are still in the process of understanding the impact in detail. We understand that this situation raises concerns, and we want to address some of those here while our investigation continues.”
“At this time, we have no indication that login credentials have been exposed. We are continuing to investigate.”
The company noted that it had reset all stream keys, with users available to get new details via the blog post. Depending on which broadcast software you use, you may need to manually update your software with this new key to start your next stream, Twitch added.
Twitch emphasises that full credit card numbers are not stored by Twitch, so this data was not exposed.
The details of the hack are still emerging, however Twitch’s admission that the leake was due to an internal misconfiguration appears to imply that the attack was malicious and external.
The leak, posted to 4chan as a torrent estimated at around 125GB in size, was labelled as “part one”, suggesting that further data could still be released in the future.
The data was supposedly obtained just days ago, with the hacker claiming Twitch was aware of the leak – which is thought to contain a range of confidential product roadmaps.
The torrent also includes the proprietary SDKs and internal AWS services used by the platform, as well as data from all other Twitch-owned properties including IGDB and CurseForge, and lots more.
Gaming streaming platform Twitch has moved to reassure its users that their personal information and data is safe following a huge leak affecting the company. In a blog post, the company outlined what it knows about the “Twitch Security Incident” that reportedly saw all its internal source code and data…
