Security News > 2021 > October > Twitch Leak Included Emails, Password: Researcher
It's a horrific leak that included the Amazon-owned service's source code, comments dating back to the dawn of Twitch time, security tools, an unreleased Amazon Game Studios competitor to Steam, a list of of the highest-paid channels plus how much they were paid, and more.
On Wednesday, Twitch disclosed that "Some data" was exposed to the internet due to "An error in a Twitch server configuration change that was subsequently accessed by a malicious third party." It said that its teams were urgently investigating, but that it hadn't found any evidence that login credentials had been exposed.
In spite of Twitch's failure to find any evidence of exposed user data, the independent researcher shared with PrivacySharks other datastores containing personal data, including a PayPal file containing details on more than 1,000 chargebacks made from Twitch to various platforms.
The researcher who was looking over Twitch's doxxed data claimed that Twitch uses what PrivacySharks described as "Detection tactics involving broadcast statistics to see whether or not streamers are using view-bots."
Twitch's embrace of anti-view-bot technology shouldn't surprise anyone: In April, Twitch announced that it was cracking down on the bots, leading many Twitch streamers to hemorrhage followers.
Given the findings of PrivacySharks' researcher contact, and just to stay on the safe side, Werner suggested that to protect themselves, Twitch users should enable two-factor authentication and ensure that they're not using their old Twitch password for any other accounts.