This week, it came to light that Twitch has suffered a massive data breach, with 125GB of confidential files stolen and spread across the internet. In a short statement yesterday afternoon, the company confirmed a hack took place and now, some more details have been shared.
While Twitch’s initial statement failed to address concerns over login details or credit card information, an updated blog post does touch on that subject. In an updated statement, Twitch confirmed that some internal data was “exposed to the internet due to an error in a Twitch server configuration change”, currently the company is “working with urgency to investigate the incident”.
While the investigation is ongoing, at this point, Twitch says there is “no indication that login credentials have been exposed”, and since Twitch does not store credit card numbers, these were not exposed either.
However, to be cautious, Twitch has reset all stream keys for the entire site. For those who aren’t aware, a stream key is a unique password required to stream to a channel, if your stream key is exposed, pretty much anyone can broadcast to your Twitch page. To avoid any issues, stream keys for all Twitch users have been reset, so anyone who streams will need to go to their Twitch dashboard and get their new stream key to input into their broadcasting software.
Discuss on our Facebook page, HERE.
KitGuru Says: A lot of social media posts have focused on the creator earnings portion of this leak, but that is far from the most important issue here. Source code, SDKs, security tools and other information included in the leak can have a much bigger impact on Twitch moving forward.