Twitch confirms major data breach

Twitch on Wednesday (6 October) confirms that it experienced a major data breach. Among the data leaked is the source code of Amazon Game Studios’ unreleased streaming service, which would be the competitor of Steam.

This started by an anonymous 4chan user that posted a 125GB torrent file, claiming that it contains the entirety of Amazon’s streaming platform, including its commit history. The user claimed that the breach is meant to “foster more disruption and competition in the online video streaming space”.

Twitch later confirmed that the breach is legitimate and the company was prioritising to understand the extent of the leak. So far, the leak includes:

  • Three years worth of Twitch creator payouts details.

  • The entirety of twitch.tv and its commit history from its early beginnings

  • Source code for the mobile, desktop and video game console of Twitch clients.

  • Code related to proprietary SDKs and internal AWS services used by Twitch.

  • The source code of the unreleased competitor of Steam by Amazon Game Studios service.

  • Data on other Twitch properties like IGDB and CurseForge.

  • Twitch’s internal security tools.

These findings are labeled as “part one” as more updates about the leak are expected to surface. It is also reported that Twitch is aware of the leak, but has not yet informed its users.

Twitch on September had its creators leaving their channels vacant of new content as they did #ADayOffTwitch. The movement was taken in the wake of the #TwitchDoBetter movement by Twitch creators and users who protested against Twitch’s absence during massive hate raids happening prior to that. The hashtag was used to urge Twitch to do something about making the platform a safer place for its users.