Twitch “confident” passwords weren’t exposed in leak

Twitch were hit by a alternatively major supply code and info breach earlier this thirty day period, which they say they have given that been investigating. They’ve updated buyers yet again now, reiterating that the breach was made feasible by a server configuration modify and that they are confident no passwords, login credentials, or credit score card numbers were uncovered.

This is, effectively, the same thing Twitch reported straight away next the first resource code hack and leak of streamer earnings quantities. Presumably now they’ve experienced time to glance into the situation and be far more specific that other user informatoin was not also accessed.

Here’s the rest of what they had to say as of October 15th:

“Twitch passwords have not been uncovered. We are also confident that techniques that retail outlet Twitch login qualifications, which are hashed with bcrypt, ended up not accessed, nor have been entire credit rating card quantities or ACH / lender data.

“The exposed data mainly contained paperwork from Twitch’s supply code repository, as properly as a subset of creator payout information. We have been through a comprehensive evaluate of the information and facts included in the documents uncovered and are assured that it only influenced a little portion of buyers and the purchaser impact is nominal. We are contacting those who have been impacted right.”

You can capture the rest of their preceding updates on the problem on their Twitch safety incident web site.

Adhering to the hack final 7 days, Twitch went ahead and reset the stream keys for all people, which means to truly stream to your profile you’d require to log in and snag that new code, just in circumstance. As ever, possibly superior to have two-component authentication set up for your account.
Originally posted 2021-11-11 12:56:41.