Hackers who’ve breached the Twitch platform revealed to be knowing payout data of more than 2.4 million streamers, and other proprietary code belonging to Twitch.
Named as the “entirety of Twitch.tv‘, the data dump is already being shared among various underground forums, with those who’ve accessed claiming to have found several data parts like unreleased games, SDKs, internal tools, etc owned by Twitch.
Twitch Data Leak
Twitch, the Amazon-owned game entertainment streaming platform is No.1 in its industry. After several rumors of its platform breach, the company showed up on Twitter confirming the malicious incident, where hackers accessed and stole critical data belonging to them.
We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.
— Twitch (@Twitch) October 6, 2021
And this includes Twitch’s mobile, desktop, and console clients, proprietary code, SDKs, Twitch’s internal AWS services, and other integrated properties like CurseForge and IGDB. Also, there’s an unreleased Steam competitor from (code-named Vapour) and belonging to Amazon Game Studios was leaked too.
At last, there are few internal red-teaming tools used by Twitch and payouts information of about 2.4 million streamers, from 2019 until now was leaked. The list includes data belonging to top creators and streamers like xQc, Nickmercs, and TimTheTatMan.
Hackers named the data dump as the ‘entirety of Twitch’ – a 126GB repository that includes all the above plus source code from almost 6,000 internal Github repositories. What’s worse is the hackers named it Part 1! So there could be a Part 2 coming soon with more sensitive details.
Anything good as of now is the unavailability of Twitch users’ PII, like their account usernames, passwords, addresses, and banking information. But, these might appear in the Part 2 dump, so don’t rule them out already. Thus, it’s recommended to change your Twitch account credentials and apply two-factor authentication for thwarting any breaches.