Join us on our own very special Reddit: /r/Linuxers

Twitch is not having a good time lately. On top of battling bots engaging in hate-raids spamming chats with horrible things, it appears they've also suffered a massive data breach.

First reported (as far as we can tell) by VGC, who have since had it confirmed that it's legitimate, this is a massive blow to Twitch and really shines a light on their security for such a thing to happen. Even though there's no indication yet that it includes login details, you may want to be extra careful and go change your Twitch password.

As for what it contains it includes:

  • Twitch source code with repository commit history "going back to its early beginnings"
  • Mobile, desktop and video game console Twitch clients
  • Various proprietary SDKs and internal AWS services used by Twitch
  • "Every other property that Twitch owns" including IGDB and CurseForge
  • An apparent planned competitor to Steam named "Vapor"
  • Streamer payout reports showing some receiving massive payouts
  • Twitch security tools

This leak is apparently only part one, so there may be more to come yet. From what the leaker said they called the Twitch community a "disgusting toxic cesspool" and so they wanted to "foster more disruption and competition in the online video streaming space".

Ouch.

Update - Twitch has now confirmed on Twitter that it's real:

We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.
Article taken from GamingOnLinux.com.
Tags: Meta
23 Likes
We do often include affiliate links to earn us some pennies. We are currently affiliated with GOG and Humble Store. See more here.
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly came back to check on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly.
See more from me
30 comments
Page: 1/3»
  Go to:

kuhpunkt 6 Oct
Really curious about Vapor. I mean they already have Luna... is anybody using that?
Nezchan 6 Oct
Given how "well" Twitch is run, I wouldn't touch this Vapour thing with a bargepole.
dxmn 6 Oct
2FA exists for a reason, if your account gets compromised because of this then it'd be wise to enable it. If you already have it for your Steam account (for trading, etc), why not enable it for all your other private accounts?
lets be honest, no one probably needs vapor as long as Steam can satisfy our needs. since twitch is owned by amazon, this breach should affect them somehow. I wonder if bezoz has been made aware of all this.
Zlopez 6 Oct
  • Supporter Plus
Maybe they could now go open source.
BielFPs 6 Oct
QuoteAn apparent planned competitor to Steam named "Vapor"
An apparent planned competitor to Steam named "Steam" lol
Probably a coincidence but when I logged in this morning to twitch (I usually use the app on my phone) it did ask me to reset my password. Already had 2FA enabled.


Last edited by buckysrevenge on 6 October 2021 at 3:48 pm UTC
Liam Dawe 6 Oct
Article title and text updated as Twitch has confirmed it.
Ehvis 6 Oct
View PC info
  • Supporter Plus
A refreshing change to see that when there is a big data breach, it's actually the company's own data instead of that of the users that gets stolen.
TheSHEEEP 6 Oct
View PC info
  • Supporter Plus
Quoting: dxmn2FA exists for a reason, if your account gets compromised because of this then it'd be wise to enable it. If you already have it for your Steam account (for trading, etc), why not enable it for all your other private accounts?
Just tried to (it was one of the few services I use where I didn't have that yet) - it won't accept any confirmation numbers sent to me via SMS. Their system is thoroughly borked.
One can only hope they'll fix it in the coming days.

I changed my password, of course, but still.
While you're here, please consider supporting GamingOnLinux on:

Patreon, Liberapay or PayPal Donation.

This ensures all of our main content remains totally free for everyone with no article paywalls. We also don't have tons of adverts, there's also no tracking and we respect your privacy. Just good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register

Or login with...
Sign in with Steam Sign in with Twitter Sign in with Google
Social logins require cookies to stay logged in.

Livestreams & Videos
Community Livestreams