Live video broadcasting service Twitch has been hit by a massive hack that exposed 125GB of the company’s data. In a thread posted (and removed) Wednesday, an anonymous user posted a torrent file of the multi-gig data dump. The dump contains the company’s source code and details of money earned by Twitch creators.
Twitch admits to breach but is unsure of the “extent”
An anonymous user claimed to leak 125GB of data lifted from 6,000 internal Twitch Git repositories. The forum poster mocked Amazon’s acquisition of Twitch, writing, “Jeff Bezos paid $970 million for this, we’re giving it away FOR FREE.”
WhatsApp Users Will Be Able To Hide Profile Images From Certain Contacts In The New Update
Follow us on Twitter, Telegram and Instagram
The hacker wrote that the purpose of the leak was to cause disruption and promote competition among video streaming platforms. The hacker further said that Twitch’s “community is a disgusting, toxic cesspool.”
Twitch has admitted to the breach. At this point, it appears even Twitch isn’t aware of the full extent of the breach, as the company is still working out the details:
Earnings of top Twitch creators revealed
The same thread also claimed to expose “creator payout reports from 2019 until now. Find out how much your favourite streamer is really making!”
Notably, the 125GB archive is titled “Part One,” alluding to the possibility of future leaks.
New Tata Punch Officially Revealed: Variants, Colours And Availability
Follow us on Twitter, Telegram and Instagram
A small subset of data shows the earnings of the top 10,000 Twitch users next to their usernames. An updated list was posted by game creator Sinoc, and a Twitter user who analyzed the dump posted a detailed breakdown of the payouts:
An anonymous Twitch source confirmed to Video Games Chronicle that the leaked data, including Twitch’s source code, is legitimate. According to the company source, the data was obtained as recently as Monday.
The 4chan poster claims the leaked data dump contains:
- The entirety of twitch.tv’s source code, with commit history from the beginning
- Creator payout reports starting from 2019
- Mobile, desktop, and video game console Twitch clients
- Proprietary SDKs and internal AWS services used by Twitch
- Data from “every other property that Twitch owns,” including IGDB and CurseForge
- Information about an unreleased Steam competitor (“Vapor”) from Amazon Game Studios
- Twitch’s internal “red teaming” tools used by SOC (security) teams
The dump also reportedly contains Unity source code for a game called “Vapeworld.”
Portions of the leaked archive are vast and contain large ZIPs, and it may be days before the complete extent of the breach is understood:
Some Twitter users also claimed to see encrypted passwords present in the dump and are urging Twitch users to enable two-factor authentication and change passwords as a safeguard.
Why You Shouldn’t Save Debit/Credit Card Details Or CVV On E-Commerce Websites
Follow us on Twitter and Telegram
The hack puts more bad news on Twitch’s plate and follows a recent and long-awaited public response to hate raid issues. During such raids, vulgar and hateful speech is dumped into the site’s prominent chat feeds by users and bots.
Interestingly, NBC’s tech investigations reporter Olivia Solon says that all of Amazon’s warehouse systems were hit by a network disruption last night, although the company won’t confirm if this event was connected to the Twitch hack.