MAJOR Data Leak on Twitch

Brandon McCauley
Brandon McCauley
October 6th, 2021
big-shutdown

It would be entirely disingenuous to say that this week has been slow in the cybersecurity world. In fact, it has been the complete opposite. We first saw the ongoing battle between cybercriminals and tech corporations with the potential data leak from Facebook, which we covered in our previous article, expand into the streaming market with Twitch, which is in a much more dire situation.

Yesterday, the popular streaming platform that has accumulated more than 41.5 million users in 2020, is under extreme pressure after an anonymous hacker boldly claimed to have leaked a substantial amount of the site’s private data.

Origins of the Data Leak

The leak crashed onto the scene on a public post on a popular forum, in which the hacker made it accessible to anyone willing to download 126GB of files. The information within the download was certainly not pulling any punches, as it included:

  • The entirety of Twitch’s source code and commit history
  • Creator payout reports from 2019
  • Mobile, desktop, and console Twitch clients
  • Proprietary SDKs and internal AWS services used by Twitch
  • IGDB and CurseForge information
  • An unreleased Steam competitor, codenamed “Vapor”
  • Twitch internal “red teaming” tools used to improve security

As you can see, this is a staggering amount of information. Even worse, Twitch has confirmed that the leak is authentic.

What does this mean for you?

According to VideoGamesChronicle (VGC), those who have gone through the leaked information have claimed that it also includes encrypted passwords. In other words, this poses a major risk for everyone’s Twitch accounts.

Thankfully, there are really easy ways to circumvent this before anything severe happens:

It may be easy to be complacent about how big of a threat this is, but it’s important to not rely on just your anonymity to keep you secure.

How to Enable Two-Factor Authentication on Twitch

To enable Two-Factor Authentication on Twitch, follow these steps:

  • Log on to Twitch, click on your avatar
  • Click “Settings”
  • Go to “Security and Privacy,” then scroll down to the Security setting
  • Click “Edit Two-Factor Authentication” and follow the instructions

Note: You will need your smartphone to enable Two-Factor Authentication