Massive Twitch Data Breach

Amazon owned game-streaming platform Twitch, with 30m daily visitors, has been the victim of a hack that has leaked confidential company information and streamers' earnings. Critically, this attack is understood to have leaked source code for the company’s streaming service. 

An anonymous poster on the notorious  4chan image messaging board has released a 125GB torrent, which they claim includes the entirety of Twitch and its commit history. The 4chan post says the breach was intended to "foster more disruption and competition in the online video streaming space. The post called the Twitch community a "disgusting, toxic cesspool."

More than 100GB of data was posted online and the documents appear to show Twitch's top streamers each made millions of dollars from the Amazon-owned company in the past two years. Twitch said it was "working with urgency" to understand the extent of it. The the list of user payments is not thought to include third party details about sponsorship deals and other off-platform activities - or accounting information for tax paid on income.

Twitch tweeted  to confirm the data breach. “We can confirm a breach has taken place,” it said. “Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.” In another Twitch statement, the company said “Our investigation is ongoing and we are in the process of analysing all of the relevant logs and data to assess actual impact”, and it said it would "update the community as soon as additional information is available".

In recent months, Twitch has been battling a number of issues on its platform, such as "hate raids".
And in early September, a boycott titled "a day off Twitch" saw creators effectively strike in protest at the lack of action on hate raids.

The UK's Information Commissioner's Office said it had not been notified of any data breach by Twitch or Amazon.

The Verge:      Polygon:       BBC:      Forbes:      GovInfoSecurity:

You Might Also Read:

How Do Netflix And Other OTT's Take Care Of Cyber Security?:

« Career Opportunities: Top 10 Cyber Security Jobs & Salaries
Britain's COVID - Driven Online Crime Wave »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

AV Test

AV Test

The AV-TEST Institute is a leading international and independent service provider in the fields of anti-virus research and IT security.

Okta

Okta

Okta is an enterprise-grade identity management service, built from the ground up in the cloud to address the challenges of a cloud-mobile-interconnected world.

Chubb

Chubb

Chubb is the world’s largest publicly traded property and casualty insurer. Commercial services include Cyber Risk insurance.

Hodgson Russ

Hodgson Russ

Hodgson Russ is a US business law firm. Practice areas include Privacy, Data Breach & Cybersecurity.

Leibniz-Rechenzentrum (LRZ)

Leibniz-Rechenzentrum (LRZ)

The LRZ supports ground-breaking research and teaching in a wide range of scientific disciplines including information security and data protection.

AllClear ID

AllClear ID

AllClear ID provides products and services that help protect people and their personal information from threats related to identity theft.

SAASPASS

SAASPASS

SAASPASS is a full-stack identity and access management solution, a single product which allows you to manage all your digital and physical access needs securely and conveniently.

RiskCentric

RiskCentric

RiskCentric is a consultancy specializing in risk management and compliance.

SaferVPN

SaferVPN

SaferVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Security & Intelligence Agency (SOA) - Croatia

Security & Intelligence Agency (SOA) - Croatia

SOA is the Croatian security and intelligence service. Areas of activity include Cyber Security and Information Security.

Quadible

Quadible

Quadible BehavAuth is an AI-platform that continuously authenticates the users, without the need of any input, by learning their behavioural patterns.

Kiuwan

Kiuwan

Kiuwan provide software security solutions with SAST and SCA source-code analysis that fit into your DevOps process.

InferSight

InferSight

InferSight can help you design an architecture that takes into account security, performance, availability, functionality, resiliency and future capacity to avoid technological lock in and limitations

Cisco Networking Academy

Cisco Networking Academy

Cisco Networking Academy is the world's largest classroom, bringing technology education, 21st-century skills, and improved jobs prospects since 1997.

Altospam

Altospam

Altospam is a full service corporate email protection, integrating multiple security levels for your emails.

Northdoor

Northdoor

Northdoor provides a comprehensive set of services around information security and works with leading global technology vendors to deploy and manage cyber security solutions.