The video live streaming platform Twitch has provided an update following the major data breach that took place on October 6, which we previously reported. The company is reassuring its users that login credentials should be safe but proceeded with resetting stream keys for all streamers, out of “an abundance of caution.” Regardless, changing a user’s password and activating 2-factor verification is still highly advised for all Twitch users.
According to Comic Book, Twitch confirmed that the company had suffered a security breach that leaked approx. 125 GB of company data online, including source codes, earnings data for top streamers, and untimely revealed what Amazon’s been cooking in their software development department – a video game digital distribution platform that could rival Steam. However, the people in charge of understanding the extent of said security breach have disclosed that login credentials and credit card numbers weren’t exposed.
The company’s statement posted online reveals that the company is aware that some of its data was exposed to the internet due to an error in a Twitch server configuration, which allowed access to a malicious third party. The company also informed users that stream keys had been reset for everyone on the same day. For those who don’t know, a stream key is a unique number used to link streaming software to the user’s Twitch channel. As such, it’s one of the most protected pieces of data since it can pose as a crucial component of the various channel and stream hacks.
Users can now retrieve their new stream keys from the dashboard and avoid sharing them with anyone, especially Twitch staff, as they would never ask users for data they already have access to. But in terms of what streaming users need to go back to broadcasting in Twitch, well, it actually depends on the broadcasting software they’re using. Those using Twitch Studio, Streamlabs, Xbox, PlayStation, and Twitch mobile app, shouldn’t do anything, as their key should be automatically updated. However, those using OBS to connect to Twitch have to manually update their stream key within OBS. Other broadcasting software might also require manual key updates or other changes of setting to enable streaming.
The “malicious third party” Twitch referred to seems to be an anonymous hacker, or hacker collective, which claimed their reasons behind revealing Twitch data was to foster disruption and competition in the online video streaming space, because “their (Twitch’s) community is a disgusting cesspool.” The cybercriminal is most likely referring to the rise of harmful content, such as nudity, and sexually suggestive themes across video game streaming platforms that many users brought attention to recently, with some even leaving game streaming services in favor of YouTube, due to explicit content, hate speech, and hate raids present on the Amazon-owned platform.
It’s worth noting that the “leak” occurred the same day that UK regulator Ofcom set new guidelines for video-sharing platforms like Twitch, TikTok, Snapchat, and Vimeo The affected platforms must take new measures to protect their users from harmful content. Most TikTok users are in their teens or early 20s and exposure to harmful content, such as suggestive or even explicit content, can cause many psychological problems. Breach of said guidelines is likely to result in fines or even a suspension of service in more severe cases.