Twitch says "minimal" impact to users from hack

Streaming website explains in blog update that passwords and sensitive personal information were not leaked

Today Twitch announced in a blog post that its most recent security breach didn't expose user passwords.

"Twitch passwords have not been exposed. We are also confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank information," Twitch said.

"We've undergone a thorough review of the information included in the files exposed and are confident that it only affected a small fraction of users and the customer impact is minimal. We are contacting those who have been impacted directly."

The hack, which came to light last week, saw a wealth of internal Twitch data made public, including content creator payout information and the site's source code.

The company explained that the breach was the result of an unauthorized access after a server configuration change.

Following the leak, people who have been employed by Twitch told The Verge that Twitch management had typically been slow to act when addressing security issues on the platform.

The hack followed Twitch's efforts to improve safety on the platform by adding phone verification to chat and more email security options. These features were added to combat the site's ongoing issue with hate raids.

More stories

Twitch confirms it was hacked by "a malicious third party"

Streaming site says there's no indication so far that login or full credit card details have been exposed

By James Batchelor

New Ofcom rules calls for Twitch and platforms to better police video content

Sites face fines or suspension if they do not take "appropriate measures" to tackle videos around sexual abuse and racism

By James Batchelor

Latest comments

Sign in to contribute

Need an account? Register now.