Skip to main content

Twitch says "minimal" impact to users from hack

Streaming website explains in blog update that passwords and sensitive personal information were not leaked

Today Twitch announced in a blog post that its most recent security breach didn't expose user passwords.

"Twitch passwords have not been exposed. We are also confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank information," Twitch said.

"We've undergone a thorough review of the information included in the files exposed and are confident that it only affected a small fraction of users and the customer impact is minimal. We are contacting those who have been impacted directly."

The hack, which came to light last week, saw a wealth of internal Twitch data made public, including content creator payout information and the site's source code.

The company explained that the breach was the result of an unauthorized access after a server configuration change.

Following the leak, people who have been employed by Twitch told The Verge that Twitch management had typically been slow to act when addressing security issues on the platform.

The hack followed Twitch's efforts to improve safety on the platform by adding phone verification to chat and more email security options. These features were added to combat the site's ongoing issue with hate raids.

Read this next

Jeffrey Rousseau avatar
Jeffrey Rousseau: Jeffrey joined in March 2021. Based in Florida, his work focused on the intersectionality of games and media. He enjoys reading, podcasts, staying informed, and learning how people are tackling issues.
Related topics