Skip to main content

Twitch confirms it was hacked by "a malicious third party"

Streaming site says there's no indication so far that login or full credit card details have been exposed

Twitch has confirmed it suffered a security breach that exposed its source code, leading streamers' earnings, and more.

The acknowledgement came via Twitter yesterday, with the company adding that it is "working with urgency to understand the extent of this."

This morning, a blog post shares a little more detail.

"We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party," the company wrote.

"As the investigation is ongoing, we are still in the process of understanding the impact in detail."

Twitch also addressed concerns over user data that may have been exposed. It said that, at this time, there is no indication that login details such as passwords have been leaked, although it will continue investigating.

The site also reiterated that it does not store full credit card numbers, so these have not been exposed.

Yesterday, it was reported that the hacker shared a 125GB torrent online, claiming the leak was to "foster more disruption and competition in the online video streaming space," adding that the Twitch community "is a disgusting toxic cesspool."

The breach exposed Twitch's source code, details on its mobile, desktop and console clients, payouts towards the top streamers from the past two years, and details on other Amazon-owned projects, including an proposed Stream rival Vapor.

Read this next

James Batchelor avatar
James Batchelor: James is Editor-in-Chief at, and has been a B2B journalist since 2006. He is author of The Best Non-Violent Video Games
Related topics