Twitch has announced that the latest data breach did not leak the user’s login credentials, full credit card number, or ACH / banking information. When the security breach was first announced on October 6, the personal information people were worried about was leaked.
The breach information identified includes documents from Twitch’s source code repository and a subset of the author’s payment data. The number of affected people is minimal, Twitch claims, and has contacted individuals who are directly affected.
The security breach was due to a change in the server configuration that allowed unauthorized access from third parties. According to Twitch, this issue has been fixed. The leaked Twitch info was published in a 125GB torrent link post to 4chan. In addition to the creator’s payment data, it also included information about an unpublished competing project on Steam called “Vapor”.
Twitch claims that your login credentials haven’t been compromised, but it’s a wise decision to change your password to protect your account, even if it hasn’t been compromised yet. A wand that won’t fall!
In other Twitch news, the platform recently implemented more tools to help users fight “hate raids” after many pushes from the Twitch community. Twitch creators can now implement chat settings confirmed by phone and chat settings confirmed by email. This will prompt the chat user to verify the phone number or email once. Twitch Streamers can also adjust the pool of chat participants to which this validation applies and exempt VIPs, subscribers, and moderators.