Twitch Just Got Mega-Hacked, and All of Its Information Appears To Be Online
Boy, that escalated quickly.
We know Twitch.tv hasn’t exactly been making a lot of friends lately with certain policies and bans. But, man, someone was sure mad at them, as they went and hacked the entire site and put it on display for the whole world to see, according to VideoGamesChronicle.
An anonymous hacker recently posted a 125GB torrent link up on 4chan earlier this morning, noting that its intention was to “foster more disruption and competition in the online video streaming space.” They also made note that Twitch had it coming, because “their community is a disgusting toxic cesspool.”
And we don’t just mean small bits of business data. Basically, the report includes all of this:
The entirety of Twitch’s source code with comment history “going back to its early beginnings”
Creator payout reports from 2019
Mobile, desktop and console Twitch clients
Proprietary SDKs and internal AWS services used by Twitch
“Every other property that Twitch owns” including IGDB and CurseForge
An unreleased Steam competitor, codenamed Vapor, from Amazon Game Studios
Twitch internal ‘red teaming’ tools (designed to improve security by having staff pretend to be hackers)
Some of the more interesting information involves payouts that went to the top streamers on the service, particularly with the data that KnowSomething posted below. Some of these streamers are making a remarkable amount of money for the platform, even if its content can be somewhat questionable. (Not you, Critical Role, you’re great.)
The hacker noted that this is just the beginning of the data that it’s found through the site, though they haven’t detailed just what other information they have.
There’s no question that Twitch has come under fire for certain policies and ignoring particular issues, like the hate raids that have taken place on particular channels. It noted that it was not a “simple fix” as many would hope.
In a recent Twitter post, the company noted, “We’ve been building channel-level ban evasion detection and account improvements to combat this malicious behavior for months. However, as we work on solutions, bad actors work in parallel to find ways around them – which is why we can’t always share details.”
Apparently, though, someone else shared the details, and now all sorts of questions are coming up.
Twitch is aware of the leak, but hasn’t made note as to what it’s going to do about it just yet. However, it’s recommended that those that have an account on Twitch should change their password and activate two-factor identification, as that information may have become part of the leak. (That’s not confirmed yet.)