Twitch: No Passwords Were Taken in Data Breach

Twitch: No Passwords Were Taken in Data Breach

A massive breach at one of the world’s biggest gaming platforms earlier this month may not be as bad as first thought, with the firm claiming that no passwords were exposed in the incident.

Security experts roundly criticized Amazon-owned Twitch after an anonymous user posted a 125GB torrent link to 4Chan, and claimed to have leaked every digital property owned by the firm.

However, in an update on Friday, Twitch claimed that user passwords were not impacted.

“We are also confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank information,” it added.

“The exposed data primarily contained documents from Twitch’s source code repository, as well as a subset of creator pay-out data. We’ve undergone a thorough review of the information included in the files exposed and are confident that it only affected a small fraction of users and the customer impact is minimal. We are contacting those who have been impacted directly.”

At the time, the attacker claimed to have all of the firm’s source code; mobile, desktop and console clients; proprietary SDKs and internal AWS

Read More: https://www.infosecurity-magazine.com/news/twitch-no-passwords-were-taken-in/