Earlier this week saw Facebook, Whatsapp, and Instagram all go down in a supposed hacking incident. However, that wasn't the only major thing to happen this Monday; apparently, Twitch was hacked, with an anonymous source posting a 125GB torrent onto 4chan today that contained user data and other sensitive information from the website. Reportedly, this data dump contains a wide variety of different things, such as the source code for Twitch, private SDKs, information about payouts that live streamers receive, clients for various platforms that Twitch is available on, and even data pertaining to other websites that Twitch owns such as IGDB and CurseForge.

Beyond that, there also appears to be an unreleased PC storefront for digital games, with the codename of Vapor, intended to compete against Steam and the Epic Games Store. As for the leaked passwords, they are reportedly encrypted. Regardless, it would be wise to change your password, or even turn on two-factor authentication for Twitch if you haven't already.

According to news outlet VGC, who broke the initial story, the following is in the torrent:

• The entirety of Twitch’s source code with comment history “going back to its early beginnings”
• Creator payout reports from 2019
• Mobile, desktop and console Twitch clients
• Proprietary SDKs and internal AWS services used by Twitch
• “Every other property that Twitch owns” including IGDB and CurseForge
• An unreleased Steam competitor, codenamed Vapor, from Amazon Game Studios
• Twitch internal ‘red teaming’ tools (designed to improve security by having staff pretend to be hackers)

According to the 4chan post, the hacker uploaded the leak in order to cause disruption and competition for Twitch, as they find the community to be toxic. While nothing else has been uploaded quite yet, the user claims that they will be leaking even more files soon in the future.

Source

 

[ChibiMofo]

What is Twitch and why should I care?

 

[linuxares]

What is Twitch and why should I care?

It's like Youtube. But worse!

 

[RichardTheKing]

I wonder if the site mods have so much as Twitched to this news...they clearly don't give a shit about their platform, considering how rules are unfairly enforced. I remember a female streamer going out of her way to give herself a temporary ban, when the mods failed to do so for an infraction, some time ago, yet the mods hammer other streamers.

 

[Flame]

Somebody can download a 125GB data from they servers.....

explain why streams quality in video are so shit

or maybe twitch is shit in general .

 

[linuxares]

I wonder if the site mods have so much as Twitched to this news...they clearly don't give a shit about their platform, considering how rules are unfairly enforced. I remember a female streamer going out of her way to give herself a temporary ban, when the mods failed to do so for an infraction, some time ago, yet the mods hammer other streamers.

Seriously there are people who bot channels and they don't give a shit.

 

[Brawl345]

Earlier this week saw Facebook, Whatsapp, and Instagram all go down in a hacking incident

No? It was just a wrong BGP configuration

 

[WiiMiiSwitch]

Yikes, Twitch sucked anyways

 

[Costello]

No? It was just a wrong BGP configuration

Thats what they want you to believe

 

[Brawl345]

Thats what they want you to believe

In case it was serious: It doesn't matter what you think that they did. Fact is, that it was an incident (and a hacker wouldn't have gained access to the BGP configuration anyway) and therefore the sentence is false. Would prefer for it to be corrected.

EDIT: Adding "supposed" does not make it more right. Remove the speculation entirely please, it's not credible and only perpetuates more wrong information.

 

[pwjpssdfvqyuhweuxx]

owned

 

[linuxares]

No? It was just a wrong BGP configuration

No, someone unplugged Zuckerberg.

 

[Vila_]

Very cool, cant wait to check it out...

 

[Reploid]

twitch is boring anyway, all streams are

 

[FAST6191]

I would rather a youtube leak but I will take this.

I want to know how they put a thumb on the scales (even the names of mod options can give things away, see some of the Twitter leaks a while back), what detection methods are used for various things (did like the actual band playing live triggering their copyright), if there are internal comms then those and the like.

Mind you source code to a website that operates at this scale is bound to be filled with some interesting things too.

Similarly some get on some nice analysis of payouts. Timeframes, averages, demographics... could make for some reading there and put ideas to rest, or confirm speculation.

 

[lokomelo]

EDIT: Adding "supposed" does not make it more right. Remove the speculation entirely please, it's not credible and only perpetuates more wrong information.

The supposition is indeed real, so the statement is correct.

The official PR response is backed for some, but not all employees heard by the press, so nothing confirmed here for either side.

 

[Sonic Angel Knight]

Is there even a way to enable 2 factor authentication without a phone?

 

[Deleted member 514389]

Oh no. What am I ever gonna do.
They'all gonna steal my TwitchDrops yarr.

 

[Deleted member 514389]

Is there even a way to enable 2 factor authentication without a phone?

I asked myself the same thing about twitter...
Github allows for mail at least...

EDIT:
Wait... my epic double posts are nolonger merged ?
Y ?

 

[Brawl345]

The supposition is indeed real

no