Twitch has confirmed that it has suffered a major data breach, and that a hacker accessed the company’s servers thanks to a misconfiguration change. Twitch admits a hacker was able to access data that was mistakenly exposed to the internet “due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party.” The company says it has “no indication that login credentials have been exposed,” and that “full credit card numbers were not exposed.”
Hackers have so far leaked data that includes source code for the company’s streaming service, an unreleased Steam competitor from Amazon Game Studios, and details of creator payouts. An anonymous poster on the 4chan messaging board released a 125GB torrent earlier today, which they claim includes the entirety of Twitch and its commit history.
The leak has been labeled as “part one,” suggesting that there could be more to come. While personal information like creator payments is included, this initial leak doesn’t appear to include passwords, addresses, or email accounts of Twitch users. Instead, the leaker appears to have focused on sharing Twitch’s own company tools and information, rather than code that would include personal accounts.
It’s not clear how much data has been accessed, though. Twitch says it’s still working to understand its security breach, and it appears that some users are being asked to change their passwords. While Twitch is still investigating and says there’s no indication login details were exposed, it is still recommended to change Twitch password and enable two-factor authentication.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
