Twitch, the popular online service used to stream games and digital video broadcasts, announced last week that some user data had been exposed on the internet. The cause was contributed to a configuration error in a Twitch server which led to the information being accessed by a malicious third party. The following day, Twitch reset stream keys for all their users, recommending that streamers update their keys if they don’t use a service that updates automatically.
Twitch released an update about the hack earlier today, providing a little more detail which also seemed to corroborate their original post back on October 6, 2021. In the most recent blog post, Twitch had stated that they had fixed the configuration issue and had secured their system. They also reinforced their original report by stating that “Twitch passwords have not been exposed,” as well as expressing their confidence that the systems which store login credentials for the site, as well as ACH/bank information, were not accessed.
Twitch did confirm that the exposed data did contain some information from their source code repository, as well as a few documents stating how much revenue their creators make on a yearly basis. The release of information containing how much the Twitch partners made caused quite the stir over the last week, with creators jumping onto their social media accounts to either defend their practices or prove to all of their “haters” that they don’t make as much as users speculated.