Mitnick Security Blog - Cybersecurity News and Articles

An Overview of the 2021 Twitch Live Streaming Data Breach

Written by Mitnick Security | Oct 11, 2021 3:10:14 PM

Online video gamers everywhere had their eyes and ears on the news, curious to learn more about their popular live streaming service Twitch and its recent data breach. 

While much remains unknown, there are many things we do know about the cyberattack and its implication on its core audience.

Let’s look at what data was acquired, how the leak could affect users and some important lessons from the 2021 Twitch streaming data breach:

What Happened?

Wednesday, October 6th, the American interactive live streaming service Twitch announced on its Twitter that it was the victim of a cybersecurity attack. 

 

More than 100GB of leaked data was publicly posted online on 4chan on Wednesday, according to BBC. 

Amongst the posted data included three years of payment information showing how much Twitch compensated its elite gamers — causing quite a stir online over the high earnings of a select few top streamers. The leak revealed that Twitch paid more than $108,000 annually to 13 individual accounts or users since 2019, bringing rise to debates over how much a streamer should really be making and their career continuity from here on out.

A Twitch spokeswoman declined to comment on the exact data compromised, according to The Wall Street Journal. However, other sources say the stolen information included user data, internal company documents, Twitch’s proprietary source code, security tools and more

With more than 7 million people a month streaming content, this leak could have serious implications for both Twitch users and the hacked brand alike. As a subsidiary of Amazon.com, Inc., some worry about the connection the bad actor(s) may have to larger pools of Amazon data… but before we dive in too deep, let’s explore why Twitch was attacked. 

“Hacktivist” Due Diligence 

The stir all began on October 6th when an individual posted a 125-GB torrent file containing contents of the breach on a public 4chan message board.

The user claims to have posted the files in response to the “hate raids” Twitch faced in September, wherein malicious attackers develop bots to flood top streamers’ chat rooms with hateful messages. While Twitch sued two users accused of frontiering the raids, the leaker claims the community itself is “toxic.” 

The user wrote that the Twitch “community is… a disgusting toxic cesspool, so to foster more disruption and competition in the online video streaming space, we have completely pwned them... Find out how much your favorite streamer is really making!”

This isn’t the first time Twitch was accused of toxicity. In 2020, Twitch employee whistleblowers accused the brand of being “a tonedeaf, white-and cis-hetero-male-dominated culture.” Their parent company Amazon itself has faced a lot of scrutiny over ethics as well.

Activist hackers, AKA “hacktivists,” are taking a stance on causes important to them, yet there’s no telling what repercussions this leak may have on the streamers the leaker outed online. 

Twitch’s Response

After announcing on Twitter that their company was indeed breached, Twitch shared a blog update regarding stream keys, saying, “Out of an abundance of caution, we have reset all stream keys. Depending on which broadcast software you use, you may need to manually update your software with this new key to start your next stream.” 

They explained that Twitch Studio, Streamlabs, Xbox, PlayStation, OBS and Twitch Mobile App users should not need to take any action for your new key to work, but that all other users should follow their setup instructions. 

“At this time, we have no indication that login credentials have been exposed,” Twitch also shared. “We are continuing to investigate. Additionally, full credit card numbers are not stored by Twitch, so full credit card numbers were not exposed.”

Key Takeaways

There are a few things both Twitch users and others can do or learn from the 2021 Twitch live streaming data breach:

1. This may only be the start of more data leaks to come.

When the hacker shared the downloadable files, they labeled it “twitch-leaks-part-one.” This could possibly imply there may be more leaks of additional stolen data. Be alert for other data exposures and additional remediation actions to come.

2. Reset your passwords and multi-factor authentication (MFA).

While there’s no evidence that login credentials have been compromised (yet), it’s better to be safe than sorry. We advise Twitch users to change their passwords on the platform or anywhere else where they used that same password twice. Additionally, remove your old MFA and reinstall it again in case MFA seeds were also leaked.

3. Maintain security best practices.

Cyber breaches have been on the rise in the past two years, emphasizing the importance of heightened password strength and stricter data privacy protection. To stay on top of threats to your security, run a quarterly vulnerability assessment and annual pentest

 

Keep Cyber Threats at Bay

From the Kaseya attack to the UHS breach, and now Amazon Twitch’s data breach, cyberattacks are growing more frequent and more complex. Protect your organization from internal and external threats by taking action to strengthen your defenses.

Download our 5-1/2 Easy Steps to Avoid Cyber Threats guide to get started today!