Twitch said that users’ passwords, as well as their card numbers and other banking information, did not fall into the hands of hackers who hacked the streaming platform. The leak affected the source code of the service and data on payments of a “small part” of streamers, the company said.
The massive leak of data from the streaming platform Twitch did not affect user passwords, card numbers and other banking information. This is stated in a message published on Friday in the company’s blog.
“Twitch passwords have not been revealed. We are also confident that [hackers] did not gain access to systems that store Twitch login credentials that are hashed using [cryptographic utility] bcrypt, nor did they gain access to full credit card numbers or other banking information. ” …
The company said that during the hacking, only the source code of the platform, as well as information about payments to streamers, could be leaked to the network. “We have conducted a thorough analysis of the information contained in the released files, and we are confident that this affected only a small part of users and the impact on customers is minimal. We are in direct contact with those who have suffered, ”- assured in Twitch.
Earlier this week, an anonymous user on the 4chan forum posted stolen Twitch data on it. He said he had access to the streaming platform’s source code, its desktop and mobile applications, a number of encrypted user passwords and payout information to streamers over the past three years. The author of the leak noted that he posted only part of the data, but did not specify whether he plans to share the rest.
The Twitch blog confirmed the leak, noting that it was an external hack of the system due to a misconfiguration on the server. The company stressed that they do not store the data of users’ bank cards, so they could not be stolen. At the same time, the company said that it had “no evidence” of a credential leak.
After the incident, Roskomnadzor sent a request to the US Twitch office demanding detailed information about the leak. The representative of the Russian department then said that the response to the request, including the amount of compromised data of the Russians, should be given by the streaming service 30 days after it was received. If these deadlines are not met or the request is ignored, then the company may be held liable under Article 19.7 of the Administrative Code (a fine for legal entities of up to 5,000 rubles).
Catch up on more articles here
Follow us on Twitter here