Twitch says "minimal" impact to users from hack

Streaming website explains in blog update that passwords and sensitive personal information were not leaked

Today Twitch announced in a blog post that its most recent security breach didn't expose user passwords.

"Twitch passwords have not been exposed. We are also confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank information," Twitch said.

"We've undergone a thorough review of the information included in the files exposed and are confident that it only affected a small fraction of users and the customer impact is minimal. We are contacting those who have been impacted directly."

The hack, which came to light last week, saw a wealth of internal Twitch data made public, including content creator payout information and the site's source code.

The company explained that the breach was the result of an unauthorized access after a server configuration change.

Following the leak, people who have been employed by Twitch told The Verge that Twitch management had typically been slow to act when addressing security issues on the platform.

The hack followed Twitch's efforts to improve safety on the platform by adding phone verification to chat and more email security options. These features were added to combat the site's ongoing issue with hate raids.

More stories

New York AG investigating Twitch, Discord role in Buffalo shooting

Letitia James also looking into 4chan and 8chan, saying the terror attack "again revealed the depths and dangers of these platforms that spread and promote hate without consequence"

By Brendan Sinclair

Twitch details response after Buffalo shooter livestreamed mass shooting

Site claims it ended stream less than two minutes after it began, is trying to stop the footage from spreading

By James Batchelor

Latest comments

Sign in to contribute

Need an account? Register now.