Twitch Data Breach took place a couple of days ago when an anonymous hacker published a torrent file with 125 GB worth of data on the 4chan messaging board.
As reported by Hackread.com, Amazon.com’s live streaming e-sports platform, Twitch, was a victim of a massive data breach where the company reportedly was hacked in its entirety.
As per the latest update from Twitch, the company believes an erroneous server configuration change lets unauthorized individual(s) access and leak sensitive data.
“We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party. Our teams are working with urgency to investigate the incident,” Twitch said in a blog post.
About the Leak
On Wednesday, an anonymous hacker posted a 125 GB torrent on the 4chan messaging board. The torrent contained leaked data, including:
- Twitch source code for mobile
- Desktop, and video game console clients
- Creator payout reports
- Internal security tools information
- Code of proprietary SDKs
- Internal AWS services code
- Crucial details about a yet unreleased Steam competitor from Amazon Game Studios.
The screenshot below shows the content of the leaked data:
After analyzing the data Hackread.com was able to confirm the authenticity of the leaked data. The leaked data included details of Twitch’s most popular and highest-paid video game streamers since 2019.
For instance, it contained creator payout details worth $9.6 million of popular game Dungeons & Dragons voice actors and Canadian streamer xQcOW’s $8.4 million payouts.
SEE: World’s most dangerous laptop ‘Persistence of Chaos’ is up for auction
The leak is dubbed part one by the hackers, which means there’s more coming up soon. Taking a dig at Amazon founder Jeff Bezos, the hackers taunted:
“Bezos paid $970 million for this, we’re giving it away FOR FREE.”
Twitch’s Response
Twitch claims that it is still evaluating the breach’s impact. It has reset all stream keys and codes that let streamers connect and publish content on the platform to mitigate the threat.
SEE: Hacker selling DDOS-Guard database, source code, pirate sites data
The company clarified that there was no indication of data exploitation and that it doesn’t store complete credit card details. According to Video Games Chronicle, the Twitch hacker perhaps wanted to cause disruption and competition in the industry.
What is a Configuration Change?
A configuration change is a routine maintenance task in which an IT infrastructure undergoes essential changes such as turning on or off a network drive or changing its name.
Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.