Amazon’s game-streaming service, Twitch, confirmed on Wednesday it was the victim of a massive data breach that potentially exposed troves of company documents and sensitive user data.
“We can confirm a breach has taken place,” the company wrote on Twitter. “Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.”
The admission came only after users circulated news about the breach online. Those who had seen the stolen information said it contained user data as well as internal company documents; proprietary source code; an unreleased, Amazon-produced competitor to the Steam gaming platform; and Twitch’s security tools.
https://t.co/7vTDeRA9vt got leaked. Like, the entire website; Source code with comments for the website and various console/phone versions, refrences to an unreleased steam competitor, payouts, encrypted passwords that kinda thing.
Might wana change your passwords.
— Sinoc (@Sinoc229) October 6, 2021
The information also included three years of payment data showing how much Twitch compensated gamers to stream their activity online, revealing it paid more than $108,000 annually to 13 individual accounts or users since 2019.
An individual claiming responsibility for the hack first shared it on the 4chan message board, along with a link for a 125 gigabytes file containing contents of the breach, and a statement that he did it to “foster more disruption and competition in the online video streaming space.” The user added that Twitch’s “community is a disgusting toxic cesspool.”
The user titled the leak “part one,” indicating the possibility that more information could be released in the future.
Have a tip we should know? email@example.com