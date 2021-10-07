Twitch blames server error for massive data leak

·3 min read
Twitch logo
Twitch logo

Livestreaming site Twitch says an "error" caused the unprecedented leak that posted vast amounts of sensitive data online this week.

The data appeared to include Twitch's internal code and documents, as well as the payments made to thousands of top streamers.

Twitch now says the breach was caused by a "server configuration change" that "exposed" some data.

But it has not confirmed if all the data posted online is genuine.

The Amazon-owned company said the breach had involved "a Twitch server configuration change that was subsequently accessed by a malicious third party".

"As the investigation is ongoing, we are still in the process of understanding the impact in detail," it said.

But as Twitch streamers and viewers alike scrambled to change passwords, the company also said it:

  • had "no indication" login details were compromised "at this time"

  • did not store users' credit-card information, so that kind of financial information could not have been exposed

  • was resetting all users' stream keys - the unique code used by streaming software to broadcast to the right Twitch account

Analysis box by Joe Tidy, Cyber reporter
Analysis box by Joe Tidy, Cyber reporter

Twitch's short statement shows the company is in full crisis mode.

Information-technology (IT) teams and security experts are still trying to understand just how bad the data leak is.

The explanation for the hack is there was some sort of human error with a "server configuration".

In other words, someone set up the computers that store Twitch's private data incorrectly, making it findable and downloadable to hackers.

What the company has not said is when this mistake was made.

Some of the stolen data goes back three years, so there is a chance the servers could have been sitting ducks for some time - or the mistake could have left the door open for only a few days or weeks.

Hackers are always searching and scanning for open databases online - or it is even possible someone may have tipped off hackers about the internal IT blunder.

But making these sorts of mistakes is costly - particularly when you are a target as big as Twitch.

Wednesday's leak took the form of a torrent file posted to online forums by an anonymous user.

Its file structure contains folders labelled as containing payout information, business documents, under-the-hood software files and code, and even details of unreleased projects.

And the payouts folder contains what appear to be records of payments made to thousands of the biggest streamers on the platform over two years - showing many of the biggest brands are earning millions of dollars.

Several streamers told BBC News the payment data was accurate for their own earnings.

And that poses problems for the company.

"A lot more damage is now in store for Twitch," Candid Wuest from cyber-security company Acronis, said.

"The breach is already harming Twitch on all the fronts that count."

The leaked data "could contain nearly the full digital footprint of Twitch, making it one of the most severe data breaches of late", he said.

"Releasing payout reports for streaming clients will not make the influencers happy either," Mr Wuest added.

The download released online is also labelled "part one" - suggesting there may be more material yet to be posted to the internet.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting

Recommended Stories

  • GM, General Electric agree to develop rare earth materials used in EV manufacturing

    In yet another sign that automakers are determined to get ahead of the supply chain curve, General Motors said Wednesday it had signed a memorandum of understanding (MOU) with General Electric for the supply of rare earth materials, the kind used to manufacture electric vehicles and clean energy equipment. The nonbinding agreement is with GE’s clean energy arm, GE Renewable Energy.

  • Shiba Inu Rallies As Trading Volume Keeps Growing

    Shiba Inu is trying to settle above the resistance at $0.00002350.

  • Government secretly orders Google to track anyone searching certain names, addresses, and phone numbers

    The U.S. government is reportedly secretly issuing warrants for Google to provide user data on anyone typing in certain search terms, raising fears that innocent online users could get caught up in serious crime investigations at a greater frequency than previously thought.

  • 3 Altcoins to Buy Now

    As such, investors should turn their attention away from BTC and start looking for alternative coins (altcoins) created in more recent rounds of innovation. Three top candidates that fit that description are Celo (CRYPTO: CELO), My Neighbor Alice (CRYPTO: ALICE), and Audius (CRYPTO: AUDIO). Celo's blockchain is unique because users' wallet addresses, which is where one's crypto is stored (public keys) are tied to their mobile phone numbers.

  • This Unstoppable Fintech Stock Is Getting Even Better. Can It Make You a Millionaire?

    This booming company just upgraded its app to add services and become a one-stop financial shop for its users.

  • Nintendo Switch OLED Launches October 8th: Here’s How to Find One In Stock

    The Nintendo Switch OLED Model arrives October 8th, but finding one on store shelves is going to be difficult. Pre-orders have already sold out at most locations, meaning Switch OLED is likely to have a chaotic launch – just like PlayStation 5 and Xbox Series X|S did last year. Thankfully, retailers should be offering restocks throughout the rest of …

  • 13 Reasons Why You Don’t Need an iPhone 13

    Another year, another autumnal iPhone release. As Apple’s legacy smartphone pushes deeper into the double digits, performance expectations have never been higher — and rightfully so, iPhones aren’t cheap! It might be tempting to upgrade your older iPhone or another smartphone, but that decision should come after you’ve researched the finer details of how the iPhone 13 compares to …

  • Thousands of Coinbase Users Hit by Phishing Attack -- Here's How to Protect Yourself

    Coinbase has shared details of a broad phishing attack that took place in April and May of this year. The popular cryptocurrency exchange said there had been "a significant uptick in Coinbase-branded phishing messages targeting users of a range of commonly used email service providers." Phishing is where criminals impersonate legitimate organizations through fake email, text, or phone messages.

  • Keep Your iPhone 13 Brand New With One of These Phone Cases

    A phone case is much cheaper than a screen repair.

  • Rivian SEC filing mentions selling $10,000 autonomous software

    Rivian Forums, as one would expect, went deeper into some of the S-1 details. In one section, it found Rivian's estimates of lifetime revenue (LTR) for its commercial and consumer vehicles, being $64,600 per vehicle for the former and $67,900 for the latter. Part of the consumer revenue could come via what Rivian calls the "opportunity from software."

  • D-Wave plans to build a gate-model quantum computer

    For more than 20 years, D-Wave has been synonymous with quantum annealing. Its early bet on this technology allowed it to become the world's first company to sell quantum computers, but that also somewhat limited the real-world problems its hardware could solve, given that quantum annealing works especially well for optimization problems like protein folding or route planning. D-Wave believes the combination of annealing, gate-model quantum computing and classic machines is what its businesses' users will need to get the most value from this technology.

  • T-Mobile Reduces Home Internet Price By 17%

    T-Mobile U.S. Inc (NASDAQ: TMUS) slashed the price of its new 5G wireless home broadband service by 17% to win more internet customers from cable and phone companies. The new price is $50 a month, down $10. The six-month-old service is available to over 30 million homes, just a fraction of the U.S. total. Last month, Verizon Communications Inc (NYSE: VZ) offered a $200 credit to new customers for its $70 a month 5G home internet service, Bloomberg reports. The price cuts in the rollout of new 5G

  • iOS 15.1 beta 3 and iPadOS 15.1 beta 3 now available on iPhone and iPad

    Apple rolled out iOS 15.1 beta 3 and iPadOS 15.1 beta 3 on Wednesday, October 6th. This latest beta release comes just over a week after the last. There are a shocking number of bugs that Apple needs to address in iOS 15, but there will likely be at least a few more betas before … The post iOS 15.1 beta 3 and iPadOS 15.1 beta 3 now available on iPhone and iPad appeared first on BGR.

  • Who knew you could get a big 55-inch 4K TV for just $379?

    Onn, Walmart's in-house electronics brand, makes a solid model packed with everything you need — including Roku video streaming.

  • Sony’s Extremely Popular Noise Cancelling Headphones Are Nearly Half Off Right Now for the Holidays

    All products and services featured by Variety are independently selected by Variety editors. However, Variety may receive a commission on orders placed through its retail links, and the retailer may receive certain auditable data for accounting purposes. Amazon is letting shoppers know to get their holiday shopping done early this year, with dozens of early-bird […]

  • 6 Lidar Companies Are Battling for Business. One Is Trumpeting Low Costs.

    Lidar maker Innoviz hosted a ride-along event in New York. The company was demonstrating how it planned to win the lidar wars buy focusing on costs.

  • This iPad 'can handle some serious multitasking' — and it's $60 off at Amazon

    It has over 15,000 perfect ratings, and every color is marked down: gray, blue, silver, rose gold and a gorgeous sage green.

  • Surface Laptop Studio review: A better Surface Book, a missed opportunity

    The Surface Laptop Studio proves that Microsoft has learned from the mistakes of the Surface Book — well, most of them.

  • Twitch's source code and streamer payment figures have been leaked following hack

    Hackers claim to have accessed Twitch and leaked a vast amount of company data, including creator payouts, proprietary code and the "entirety of Twitch.tv."

  • Apple Earnings Are Coming. Analysts Are Focused on iPhone, Parts Issues, Services.

    The September quarter earnings report is just three weeks away, and Wall Street is working hard to ferret out hints about the numbers.