Popular streaming service Twitch confirmed yesterday that a data breach had occurred that leaked a massive amount of data into the wild. Twitch said yesterday, when it first announced the data breach occurred, it was working to understand the extent of the breach and promised to share more information when available. Some reports have suggested that 125 gigabytes of data had been leaked due to the attack, including full Twitch source code and payout information for the platform’s top streamers.
As promised, Twitch has shared some information on the data breach. It confirmed that “some data” had been exposed to the Internet because of an error in a server configuration change. That error allowed a malicious third party to access the information. Twitch says it is still working on the investigation of the incident.
While Twitch is still in the process of understanding the full impact in detail, it has addressed some specific concerns for users. Twitch says at this time, the investigation indicates that no login credentials were exposed. However, the company is clear it is continuing to investigate. Any Twitch user who pays by credit card may feel better knowing that the platform does not store full credit card numbers.
Twitch is clear that full credit card numbers were not exposed. As specific as investigators are about “full credit card numbers” not being exposed, it would seem that there’s a possibility partial credit card numbers may have been exposed in the breach. Twitch didn’t share any more information on the investigation at this time.
It has not confirmed how much data was lost in the breach and whether it included payout information for the platform’s top streamers. Presumably, Twitch will share additional details as they are discovered in the investigation.