Hackers leak Twitch’s source code and streamer payment figures
According to the report, an anonymous user posted a 125GB torrent link to 4chan on Wednesday, and claimed that it contained “the entirety of twitch.tv, with comment history going back to its early beginnings.”
https://t.co/7vTDeRA9vt got leaked. Like, the entire website; Source code with comments for the website and various console/phone versions, refrences to an unreleased steam competitor, payouts, encrypted passwords that kinda thing.— Sinoc (@Sinoc229) October 6, 2021
Might wana change your passwords.
Here is a list of data that the hacker claims is contained in the leaked file:
- Mobile, desktop and console Twitch clients
- Proprietary SDKs and internal AWS services used by Twitch
- “Every other property that Twitch owns” including IGDB and CurseForge
- An unreleased Steam competitor, codenamed Vapor, from Amazon Game Studios
- Twitch internal ‘red teaming’ tools
- The entirety of Twitch’s source code with comment history “going back to its early beginnings”
- Creator payout reports from 2019
It is believed that Twitch is aware of the breach, however, Twitch is yet to release an official statement on the situation.
Apparently, the hacker or group seems to be upset with the Twitch community calling it a “disgusting toxic cesspool.”
“Their community is also a disgusting toxic cesspool, so to foster more disruption and competition in the online video streaming space, we have completely pwned them,” read the post from the anonymous user.
Here's a more comprehensive list of leaked Twitch payouts (I will keep updating this thread as more things come out). pic.twitter.com/15JItvp6l4— KnowSomething (@KnowS0mething) October 6, 2021
It may be recalled that Twitch has recently been facing a lot of backlash from the community with the increase in “hate raids” on the platform. Twitch streamers, in September, protested against “hate raids” by taking a day off the streaming platform. Twitch has since introduced new policies to help fight hate raids against marginalised streamers on its platform.
It appears though that Twitch users personal data like passwords, addresses and banking information were revealed, however, it is also possible that these would be revealed in a separate drop.
If you are a Twitch user, it is recommended that you turn on two-factor authentication to make sure that your account remains safe. Even if your password is compromised, turning on two-factor authentication will ensure the hacker will still need your phone to prove your identity.