Twitch Suffers a Massive Data Breach

Twitch Data Breach

Over the last year, Twitch has come under fire for a variety of controversies. Hate Raids, Hottub Streams, and channel boosting have put Twitch under the limelight. Each controversy on its own would be fine but the combined issues within a single year’s time have many streamers and viewers alike concerned. Now a new data breach brings more negative press towards Twitch and has many on the platform looking at alternate streaming options. Today, Twitch has confirmed that a massive data breach has occurred resulting in source codes, user payouts, and passwords being leaked. With this breach, users should change their passwords.

Earlier today, a 4chan user posted a link leading to a 125GB zipped folder; in his post, he stated that the leak was intended to, “foster more disruption and competition in the online video streaming space” because “their community is a disgusting toxic cesspool”. The folder is still available to download. Many in the gaming community have started to look over the data to verify its authenticity.

Twitch has confirmed the leak is authentic:

“We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.”

What the Breach Entails

This data breach has revealed the following:

  • The entirety of Twitch’s source code with comment history “going back to its early beginnings”
  • Creator payout reports from 2019
  • Mobile, desktop, and console Twitch clients
  • Proprietary SDKs and internal AWS services used by Twitch
  • “Every other property that Twitch owns” including IGDB and CurseForge
  • An unreleased Steam competitor, codenamed Vapor, from Amazon Game Studios
  • Twitch internal ‘red teaming’ tools (designed to improve security by having staff pretend to be hackers)

Securing Your Account

What this data breach has shown us is that it is important to have two-factor authentication turned on. To enable two-factor authentication, log on to Twitch, click your avatar, and choose Settings. Once in settings, select Security and Privacy and then scroll down to the Security setting. Select edit Two-Factor Authentication to enable it if it is not already activated. If not, follow the instructions to turn it on, you will need an alternate confirmation source to enable it. Two-factor authentication is required once a streamer reaches affiliate status.

What It Revealed

The leak shows that 81 Twitch streamers have made more than $1 million on Twitch since August 2019. Just in September 2021, xQcOW, summit1g, loltyler1, hasanabi, and ibai were the top 5 paid streamers. These five individuals made over 150k during September just from Twitch. Additionally, it shows Critical Role, xQcOW, summit1g, Tfue, and NICKMERCS have made the most on Twitch since August 2019.

Twitch Top 25Twitch September 2021

What do you think of the individuals that are on the top 100 list? Does the amount of money made surprise you? Remember to change your passwords!

Hardcore gaming enthusiast, cosplayer, streamer, tall anime lover (6ft 9), and a die-hard competitor. I have been a Pop-Culture Journalist since 2011 specializing in shooters, Pokemon, and RPGs. A former writer for Gamersbliss.com, VGGaming HQ, TheNerdStash, and The Nerdy Con Artist. One day, I hope to travel the world while working in the video game industry or as a professional gamer. Do you want to join in on a game or see what I am up to? Come follow/message me at Killerkdemons. Open to all freelance opportunities.

Lost Password

Sign Up