Amazon-owned online streaming giant Twitch has suffered a major data leak across the entirety of its services.
The breach includes Twitch source code and sensitive information such as user pay-outs and the income of steamers.
According to a claim from an anonymous hacker, 128gb of data was linked to a 4chan page with the intention of disrupting the online video streaming space and boosting ‘competition’ as the online streaming community is a “disgusting toxic cesspool”.
Gaming news site VGC claimed that an anonymous company source said the released files are currently publicly available to download.
A Twitch spokesperson said that the company is aware of the breach, with the data was supposedly obtained on Monday.
On Twitter, the company said: “We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this.
“We will update the community as soon as additional information is available. Thank you for bearing with us.”
Released documents revealed that some of the platform’s top streamers made millions of dollars from their content over the last two years.
We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.
— Twitch (@Twitch) October 6, 2021
Commenting on the data leak, Niamh Muldoon from Global Data Protection Officer at OneLogin said: “This is a comprehensive hack of Twitch, which could lead to significant issues not only for Twitch themselves, whose entire infrastructure appears to have been leaked, from source code to ‘every other property they own’ but for Twitch users, whose payout information has also been leaked.
“This could open the door to financial fraud, and they should be encouraged to look vigilantly at their accounts for unusual activity and update any passwords. A hack this comprehensive is a textbook example of why security needs to be taken seriously by all organizations.”
It has been recommended that users change passwords to protect their accounts and activate two-factor authentication, which ensures that even if your password is compromised, you still need your phone to prove your identity using either SMS or an authenticator app.
- Facebook outage: The bigger resilience picture
- Patrolling the cyber-state with Police Scotland DSU, Alex Dowall
- Ofcom’s new rules could be bad news for Twitch and TikTok
Stuart Green, Cloud Security Architect at Check Point Software, provided a stark warning for Twitch users: “Anytime source code gets leaked it’s not good and potentially disastrous. It opens a gigantic door for evil doers to find cracks in the system, lace malware, and potentially steal sensitive information.
“I strongly recommend all Twitch users to exercise caution in the near-term ahead as cyber attacks are on the rise. For October’s Cyber Security Awareness month, Check Point Research documented a 40% increase in cyber attacks this year, compared to 2020.
“For now, we recommend Twitch users change their passwords and enable two-factor authentication on accounts.”
Get the latest news from DIGIT direct to your inbox
Our newsletter covers the latest technology and IT news from Scotland and beyond, as well as in-depth features and exclusive interviews with leading figures and rising stars.
We’ll keep you up to date on the pivotal issues impacting the sector and let you know about key upcoming events to ensure that you don’t miss out on what’s going on across the Scottish tech community.
Click here to subscribe.