Massive Twitch Data Breach

Uploaded on 2021-10-11 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Amazon owned game-streaming platform Twitch, with 30m daily visitors, has been the victim of a hack that has leaked confidential company information and streamers' earnings. Critically, this attack is understood to have leaked source code for the company’s streaming service. 

An anonymous poster on the notorious  4chan image messaging board has released a 125GB torrent, which they claim includes the entirety of Twitch and its commit history. The 4chan post says the breach was intended to "foster more disruption and competition in the online video streaming space. The post called the Twitch community a "disgusting, toxic cesspool."

More than 100GB of data was posted online and the documents appear to show Twitch's top streamers each made millions of dollars from the Amazon-owned company in the past two years. Twitch said it was "working with urgency" to understand the extent of it. The the list of user payments is not thought to include third party details about sponsorship deals and other off-platform activities - or accounting information for tax paid on income.

Twitch tweeted  to confirm the data breach. “We can confirm a breach has taken place,” it said. “Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.” In another Twitch statement, the company said “Our investigation is ongoing and we are in the process of analysing all of the relevant logs and data to assess actual impact”, and it said it would "update the community as soon as additional information is available".

In recent months, Twitch has been battling a number of issues on its platform, such as "hate raids".
And in early September, a boycott titled "a day off Twitch" saw creators effectively strike in protest at the lack of action on hate raids.

The UK's Information Commissioner's Office said it had not been notified of any data breach by Twitch or Amazon.

The Verge:      Polygon:       BBC:      Forbes:      GovInfoSecurity:

You Might Also Read:

How Do Netflix And Other OTT's Take Care Of Cyber Security?:

« Career Opportunities: Top 10 Cyber Security Jobs & Salaries
Britain's COVID - Driven Online Crime Wave »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

rPeople Staffing

rPeople Staffing

rPeople provides direct placement in all areas of your organization, including and specializing in Technical and Executive hiring.

Reblaze Technologies

Reblaze Technologies

Reblaze provides the world’s best security technologies in a cloud-based website security platform.

Mi-Token

Mi-Token

Mi-Token is an advanced two-factor authentication solution that offers unparalleled security, flexibility, cost-effectiveness and ease of use.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Riverside Research

Riverside Research

Riverside Research is a not-for-profit organization chartered to advance scientific research in areas including Trusted & Resilient Systems.

Cyxtera Technologies

Cyxtera Technologies

Cyxtera offers powerful, secure IT infrastructure capabilities paired with agile, dynamic software-defined security.

Brighter AI

Brighter AI

Brighter AI empowers companies to use publicly-recorded camera data for analytics & AI while being compliant with increasing data privacy regulations worldwide.

Sergeant Laboratories

Sergeant Laboratories

Sergeant Laboratories builds advanced technologies to prove compliance in complex IT security and regulatory compliance situations.

IEEE Cyber Science and Technology Congress (CyberSciTech)

IEEE Cyber Science and Technology Congress (CyberSciTech)

CyberSciTech provides a platform for scientists, researchers, and engineers to share their latest ideas and advances in the broad scope of cyber-related science, technology, and application topics.

ePLDT

ePLDT

ePLDT delivers best-in-class digital business solutions that include Cloud, Cyber Security, purpose-built Data Center facilities and Managed IT Services.

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

RevBits

RevBits

RevBits provides high-performance cybersecurity solutions including email security, endpoint security, deception technology and PAM solution to enterprise companies and public sector organizations.

TetherView

TetherView

TetherView provides leading virtual desktop and email security technology to help businesses stand up and manage digital workspaces.

London AI Safety Research (LASR)

London AI Safety Research (LASR)

London AI Safety Research Labs is a technical AI Safety research programme focussed on reducing the risk of loss of control to advanced AI.

Tuskira

Tuskira

Tuskira is a Preemptive Cyber Defense & Response Platform powered by Agentic AI, designed to go beyond traditional vulnerability management.