Misconfigured Server Led to Leak of Twitch Source Code and Proprietary Tools
A misconfigured Twitch server allowed unknown parties to access and steal a massive amount of data, including proprietary software, source code, details on payouts to streamers, and potentially much more.
The data contains sensitive information regarding Twitch payouts made the platform to all top streamers in the past two years. The company said no other financial information was revealed, adding that “full credit card numbers are not stored by Twitch, so full credit card numbers were not exposed.”
It turns out that hackers didn’t actually compromise Twitch infrastructure -- they didn’t have to. Access was provided by mistake.
“We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party,” said the company. “Our teams are working with urgency to investigate the incident.”
Twitch also reset all the stream keys, which means that all streamers have to get new ones and set up the equipment accordingly.
Of course, all Twitch users wonder if their credentials were leaked as well, but the platform says there’s no indication that login credentials were exposed. All the same, changing the passwords as soon as possible is a good idea.
The 4chan anonymous user who posted details on the leaked data also gave everyone access to a 125GB archive, which the user named part 1, hinting that there’s more to come. The company quickly confirmed the breach, but said that they are still trying to determine the extent of it.
The leak information contains everything pertaining to Twitch and a good deal of data from Amazon, its parent company:
· The entirety of twitch.tv, with commit history going back to its early beginnings
· Mobile, desktop, and video game console Twitch clients
· Various proprietary SDKs and internal AWS services used by Twitch
· Every other property that Twitch owns, including IGDB and CurseForge
· An unreleased Steam competitor from Amazon Game Studios
· Twitch SOC internal red teaming tools (lol)
Since this is a developing story, more details are sure to follow.
Ultimate Privacy Guide for Your Facebook Account
August 31, 2021
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices
August 27, 2021
Your Netflix Account May Be on Sale on Darkweb. Protect It
August 13, 2021
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021