The Twitch game streaming platform has been the victim of a significant data breach, as reported by the same company, by disseminating confidential information about the company and the revenue of the streamers.

The volume of data that hackers have stolen (and partly shared on different forums) exceeds 100 Gbytes.

The documents seem to show that the best Twitch streamers have earned millions of dollars from Amazon’s owned company in the last two years.

Twitch confirmed the breach and stated that it is working urgently to understand its size.

In a statement published on Twitter, the company stated that it will update the community as soon as further information is available.

We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us. • Twitch (@Twitch) October 6, 2021

Fortnite’s BBG Calc streamer confirmed to BBC News that the gains from Twitch, and reported in data breach files, are 100% accurate. There are many streamers that have confirmed the accuracy of the data.

Twitch data breach, what was taken

In the subtracted package (as said of almost 130 GByte) and at least partially then distributed on 4chan, there are data of every type and of every level of importance. For example there are SDKs, various software clients and their sources, detailed streamer rewards and much more.

The reasons for the attack seem to be political to some extent, since hackers have expressly declared \ guerra    to online streaming.

The figures on streamers’ earnings are really impressive, considering that the first 81 from August 2019 to September 2021 have forfeited figures over a million dollars. The Top 10 range from nearly $10 million to just under $3.

Of course, the first obvious suggestion to all readers that we have a Twitch account is to immediately change the password.

The company’s official comment

In his official blog, Twitch clarified that some data was exposed to the Internet due to an error in a change in the server configuration to which access was subsequently made by malicious third parties. • Our teams are working urgently to investigate the incident. As the survey is underway, we are still in the process of understanding the impact in detail. We understand that this situation raises concerns and we want to address some here as our investigation continues.

At the moment, continues the blog post, there is no indication that the login credentials have been displayed. We’re continuing to investigate.

In addition, the full numbers of credit cards are not stored by Twitch, so the full numbers of credit cards have not been displayed.

In a later update, Twitch announced that he had reset all the stream keys, inviting users to use the dashboard to get a new key

Darktrace’s opinion on Twitch’s data breach

According to Marcus Fowler, Darktrace’s Director of Strategic Threat, based on the available information, behind the attack against Twitch there seems to be a hacktivist who wanted to harm the company because he did not believe that he had taken action This violation follows the hack that occurred in mid-September against the web hosting company Epik, known to offer its services to right-wing organizations’ websites, confirming one of the emerging trends: attacks by malicious people operating

The first analyses seem to indicate that the violation occurred by passing from an external provider of Twitch, which reminds companies that they are protected only if and to the extent that their supply chain is also. In this case, as with many other cyber attacks in recent months, the consequences for Twitch are likely to be significant, both in terms of reputation and financial.

The loss of the Payload creator, the data on payments made to the creators on Twitch, would have been relatively easy to calculate manually (even if time consuming) even before the data leak, but the fact that they were all collected in the same place provided

The current threat scenario means that no sector or organization can be considered safe and shows that attackers do not only think of economic gain or geopolitical advantage. Among the goals are also numerous traditional manufacturing companies that exploit highly digitised live streaming platforms such as Twitch. To prepare for the worst scenario, therefore, all organisations should take appropriate measures, such as implementing an advanced artificial intelligence

Leave a Reply

Your email address will not be published.

You May Also Like