Twitch Stream Keys Have Been Reset, Users to Update Passwords
Streaming site Twitch was hacked yesterday. The company is still investigating they have sent out a few updates to keep users informed of the situation.
The data breach is believed to be the work of hackers.
More than 125 GB of stolen data was exfiltrated during the data breach. Stolen files including all of Twitch TV’s commit history. This means the hackers took all the source code for Twitch.tv. The hackers also lifted the code for mobile, desktop, and video game clients. Source code for Twitch owned IGDB and CurseForge were also amongst the stolen data.
Twitch.tv creator reports dating back to 2019 were compromised. These financial reports reveal how much money Twitch creators made from the platform.
[10/6/2021 @ 10:30PM PT]
“We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party,” said the company in an update on its official website.
Twitch sent out an email to all users today (we got one) to inform them that their stream keys have been rest. The message was also posted on Twitter.
“Out of an abundance of caution, we have reset all stream keys.”
Twitch creators who use broadcast software will have to update their mobile app, or web browser with a new security key. Twitch mobile app users do not need to take any action for new keys to work.
Twitch Studio, Streamlabs, Xbox, and PlayStation users do not need to update anything. If you use OBS and have not connected your Twitch account, then you’ll need to update OBS with your new key.
Payment cards numbers were not compromised in the Twitch data breach. The platform does not retain full payment card numbers.
At this time login credentials are not believed to be at risk. However, the investigation is still ongoing. It is recommended that you change your Twitch password an enable two-factor authentication (2FA) to help protect your account.