Twitch confirms massive leak is real as it scrambles to understand its extent
Twitch is investigating the platform's massive data breach after verifying its authenticity.
This has been an unexpectedly eventful week for Twitch, for all the wrong reasons. Yesterday, an anonymous hacker released over 125GB of data, which they claimed contains Twitch's entire source code.
The magnitude of the leak is so vast, it includes SDKs for the site and its apps, plans for Steam competitor called Vapor, payouts to the platform's top streamers, and a wealth of other privileged information. After initially not issuing any statements, Twitch has now confirmed that "a breach has taken place," promising to kick off an investigation to understand the extent of the damage.
Several hours later, Twitch shared slightly more information in a blog post, revealing that "some data" was leaked because of an error in its server configuration change. This unfortunate error allowed hackers to access Twitch's servers.
"As the investigation is ongoing, we are still in the process of understanding the impact in detail. We understand that this situation raises concerns, and we want to address some of those here while our investigation continues," said Twitch.
The company added that it has "no indication" that user login credentials were part of the leak, though the investigation is ongoing (we still recommend you change passwords and enable 2FA). Credit card information has also not been exposed, because Twitch does not store credit card numbers.
Twitch promised to share regular updates as its investigation uncovers more.