Twitch confirms huge security breach, says credit card and login credentials are safe


Yesterday, we covered claims that a hacker had yoinked 125GB of data from Twitch and dumped it into the wild, where it was leaked to 4chan as revenge on the Twitch community in order to “foster more disruption and competition in the online video streaming space” – a weird flex that managed to ensnare and release everything from internal Twitch source code to streamer payout reports.

Amazon followed up with blog posts early this morning, confirming the hack but clarifying the nature of what was stolen.

“We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party. Our teams are working with urgency to investigate the incident. As the investigation is ongoing, we are still in the process of understanding the impact in detail. We understand that this situation raises concerns, and we want to address some of those here while our investigation continues. At this time, we have no indication that login credentials have been exposed. We are continuing to investigate. Additionally, full credit card numbers are not stored by Twitch, so full credit card numbers were not exposed.”

While Amazon says login credentials weren’t swiped, it did reset all Twitch stream keys, so if you’re a streamer yourself, you’ll want to get that sorted.

Source: Twitch

No posts to display


Please Login to comment
newest oldest most liked
Subscribe to:

Over in Warframe they said folks should relink their Twitch accounts if they changed their password. Not sure how many other games have that twitch integration thingy.

Hikari Kenzaki

In cases where there is a breach of this kind, it’s a good idea to go through your accounts and find the apps/connections/devices section and disconnect anything you haven’t used in a while or don’t recognize.

It also doesn’t hurt to disconnect and reconnect the apps/games/devices you DO use just to be extra safe and ensure your tokens have been updated.

For Twitch specifically, connections are managed here:

Since Twitch logins are often paired to Amazon, it’s a good idea to check there as well.

I generally clean up all my connected accounts (Twitter, Steam, Discord, etc) every few months. As before, it never hurts.