Connect with us

Hi, what are you looking for?



Twitch Data Breach Exposes User Passwords, Other Information

Twitch, the popular video game streaming service acquired by Amazon last year for $970 million, has notified customers that their account information might have been accessed by an unauthorized third party.

Twitch, the popular video game streaming service acquired by Amazon last year for $970 million, has notified customers that their account information might have been accessed by an unauthorized third party.

The company hasn’t provided too many details on the incident. In a blog post published on Monday, Twitch informed users that their passwords have been reset and that they will have to set new ones the next time they log in to their accounts.

Twitch hacked

In an email sent out to affected customers, Twitch revealed that usernames, email addresses, “cryptographically protected” passwords, the IP address from which they logged in most recently, limited credit card information (card type, expiration date, and partial card number) have been exposed in the breach.

The attacker might have also gained access to names, phone numbers, dates of birth, and addresses, but only in the case of users who provided this information. The company says it does not store full credit or debit card data so payment information couldn’t have been accessed.

The notification emails received by some users also contain a note suggesting that attackers planted malicious code on Twitch’s website on March 3.

To prevent misuse, Twitch says it has expired passwords and stream keys, and disconnected Twitter and YouTube accounts.

Initially, Twitch wanted users to set new passwords that were complex and at least 20 characters long. However, after numerous users complained on social networks about the overly-restrictive password requirements, the company reduced the minimum length to 8 characters.

Advertisement. Scroll to continue reading.

This isn’t the first time the credentials of Twitch users are exposed. Back in June 2013, the streaming service informed customers that their passwords and stream keys had been reset as a precaution after the company’s CDN partner mistakenly cached some pages that shouldn’t have been cached.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...