Massive Twitch Data Breach

Amazon owned game-streaming platform Twitch, with 30m daily visitors, has been the victim of a hack that has leaked confidential company information and streamers' earnings. Critically, this attack is understood to have leaked source code for the company’s streaming service. 

An anonymous poster on the notorious  4chan image messaging board has released a 125GB torrent, which they claim includes the entirety of Twitch and its commit history. The 4chan post says the breach was intended to "foster more disruption and competition in the online video streaming space. The post called the Twitch community a "disgusting, toxic cesspool."

More than 100GB of data was posted online and the documents appear to show Twitch's top streamers each made millions of dollars from the Amazon-owned company in the past two years. Twitch said it was "working with urgency" to understand the extent of it. The the list of user payments is not thought to include third party details about sponsorship deals and other off-platform activities - or accounting information for tax paid on income.

Twitch tweeted  to confirm the data breach. “We can confirm a breach has taken place,” it said. “Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.” In another Twitch statement, the company said “Our investigation is ongoing and we are in the process of analysing all of the relevant logs and data to assess actual impact”, and it said it would "update the community as soon as additional information is available".

In recent months, Twitch has been battling a number of issues on its platform, such as "hate raids".
And in early September, a boycott titled "a day off Twitch" saw creators effectively strike in protest at the lack of action on hate raids.

The UK's Information Commissioner's Office said it had not been notified of any data breach by Twitch or Amazon.

The Verge:      Polygon:       BBC:      Forbes:      GovInfoSecurity:

You Might Also Read:

How Do Netflix And Other OTT's Take Care Of Cyber Security?:

« Career Opportunities: Top 10 Cyber Security Jobs & Salaries
Britain's COVID - Driven Online Crime Wave »

Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

WEBINAR: How to build a secure access service edge (SASE) model in AWS

WEBINAR: How to build a secure access service edge (SASE) model in AWS

Thursday, 21 October, 2021 - In this webinar, SANS and AWS Marketplace will explore SASE and share how organizations can move to a SASE model to enhance security for modern infrastructures.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Security Mentor

Security Mentor

Security Mentor provides innovative, online security awareness training designed for how people learn and work.

Sonatype

Sonatype

Sonatype protects the world's enterprise software from security, compliance, licensing risks, while reducing application development and deployment time.

KRAA Security

KRAA Security

KRAA Security provides a comprehensive suite of Cyber Security, Compliance Audit, and Computer security and Managed Security Solutions.

CommuniTake

CommuniTake

CommuniTake builds security, enablement, and management solutions to provide people and organizations with better, and more secure mobile device use.

Revel Tech

Revel Tech

Revel Tech is a regional value added distributor & cyber security consultancy specializing in providing effective solutions for enterprise computing environments.

infySEC

infySEC

InfySEC is an information security services organization offering Security Technology services, Security Consulting, Security Training, Research & Development.

eResilience

eResilience

eResilience is a division of Referentia Systems, a pioneer in an ultra-secure information safeguarding technique known as “Enclaving”, in which data can be segmented and protected within a network.

Y-PARC

Y-PARC

Y-PARC is a center of excellence for cybersecurity, precision industries and medtech, fostering innovation and development and support for startups.