Massive Twitch Data Breach

Uploaded on 2021-10-11 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Amazon owned game-streaming platform Twitch, with 30m daily visitors, has been the victim of a hack that has leaked confidential company information and streamers' earnings. Critically, this attack is understood to have leaked source code for the company’s streaming service. 

An anonymous poster on the notorious  4chan image messaging board has released a 125GB torrent, which they claim includes the entirety of Twitch and its commit history. The 4chan post says the breach was intended to "foster more disruption and competition in the online video streaming space. The post called the Twitch community a "disgusting, toxic cesspool."

More than 100GB of data was posted online and the documents appear to show Twitch's top streamers each made millions of dollars from the Amazon-owned company in the past two years. Twitch said it was "working with urgency" to understand the extent of it. The the list of user payments is not thought to include third party details about sponsorship deals and other off-platform activities - or accounting information for tax paid on income.

Twitch tweeted  to confirm the data breach. “We can confirm a breach has taken place,” it said. “Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.” In another Twitch statement, the company said “Our investigation is ongoing and we are in the process of analysing all of the relevant logs and data to assess actual impact”, and it said it would "update the community as soon as additional information is available".

In recent months, Twitch has been battling a number of issues on its platform, such as "hate raids".
And in early September, a boycott titled "a day off Twitch" saw creators effectively strike in protest at the lack of action on hate raids.

The UK's Information Commissioner's Office said it had not been notified of any data breach by Twitch or Amazon.

The Verge:      Polygon:       BBC:      Forbes:      GovInfoSecurity:

You Might Also Read:

How Do Netflix And Other OTT's Take Care Of Cyber Security?:

« Career Opportunities: Top 10 Cyber Security Jobs & Salaries
Britain's COVID - Driven Online Crime Wave »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CyberVista

CyberVista

CyberVista is a cybersecurity training education and workforce development company. Our mission is to eliminate the skills gap by creating job ready professionals.

Center for Identity - University of Texas at Austin

Center for Identity - University of Texas at Austin

The mission of the Center is to deliver the highest-quality discoveries, applications, education, and outreach for excellence in identity management, privacy, and security.

Aptible

Aptible

Security Management and Compliance for Developers. Aptible helps teams pass information security audits and deploy audit-ready apps and databases.

National Accreditation Agency of Ukraine (NAAU)

National Accreditation Agency of Ukraine (NAAU)

NAAU is the national accreditation body for Ukraine. The directory of members provides details of organisations offering certification services for ISO 27001.

Threat Status

Threat Status

Threat Status are a Threat Intelligence company. We are the developers of Trillion. A cloud based Security As A Service (SaaS) platform.

Kasada

Kasada

Kasada has developed a radical approach to defeating automated cyberthreats based on its unmatched understanding of the human minds behind them.

Enclave Networks

Enclave Networks

Our mission is to give IT professionals a simple way to rapidly build secure connectivity between any application, computer system, device or infrastructure - regardless of the underlying network.

Semmle

Semmle

Semmle's code analysis platform helps teams find zero-days and automate variant analysis. Secure your code with continuous security analysis and automated code review.

ProofID

ProofID

ProofID is a specialist provider of Identity Access Management (IAM) solutions. We focus on the solving the complex needs of the modern enterprise.

boxxe

boxxe

boxxe create flexible IT infrastructures, collaborative global workspaces and data clarity, all underpinned by world-leading security.

Tracepoint

Tracepoint

Tracepoint provide full-service cyber incident response, remediation and recovery solutions for the most time-sensitive situation your company may ever face.

Sontiq

Sontiq

Sontiq is committed to providing best-in-class, highly scalable, award-winning identity security solutions to consumers, businesses and government agencies.

1898 & Co

1898 & Co

Keep your critical assets secure with a comprehensive portfolio of services from high-level assessments to fully managed security services designed for operational technology applications.

Toka Group

Toka Group

Toka empowers government agencies with critical and previously out-of-reach digital forensics, force protection and Intelligence capabilities, tackling the fields' most pressing challenges.

Policy Monitor

Policy Monitor

Policy Monitor is a cyber security company founded by experts with extensive experience in operational and risk management.

STACK Cybersecurity

STACK Cybersecurity

STACK Cybersecurity serves as a strategic partner, guiding you through the intricate and dynamic cybersecurity landscape.

Blue Mantis

Blue Mantis

Blue Mantis is a security-first, IT solutions and services provider with a 30+ year history of successfully helping clients achieve business modernization.