Amazon's Twitch blames configuration error for data breach

An anonymous hacker claimed to have leaked Twitch data, including information related to the company's source code, clients and unreleased games.

 Twitch - video streaming service specializing in computer games (photo credit: FLICKR)
Twitch - video streaming service specializing in computer games
(photo credit: FLICKR)

Twitch, a live streaming e-sports platform owned by Amazon.com Inc, on Wednesday blamed "an error" in server configuration change that might have allowed an alleged hacker to leak sensitive information.

The platform said it was still assessing the impact and that it had reset all stream keys, or codes that allow influencers and streamers to connect and publish content for users.

Video Games Chronicle had earlier reported that an anonymous hacker had claimed to have leaked Twitch's data, including the source code and information on its clients and unreleased games.

Earlier this week, Facebook Inc had blamed a "faulty configuration change" during routine maintenance work at its data centers networks for the nearly six-hour outage, which prevented the company's 3.5 billion users from accessing its social media and messaging services.

The social media giant later confirmed that the error was not due to any malicious activity.

"Facebook basically just removed themselves from the Internet but they did not lose any sensitive information. For Twitch, it was just bad fortune," said Candid Wuest, an executive for cyber protection research at Acronis.

A configuration change, which essentially means a routine maintenance change of an IT infrastructure from turning a network drive on or off or giving it a new name, possibly allowed a third party to access Twitch's data, Wuest said.

Twitch, a popular platform among video gamers where they interact with users while live streaming content, said there was no indication of any exposure of user login credentials. The platform also added that it does not store full credit card details.

A hooded man holds a laptop computer as a blue screen with an exclamation mark is projected on him in this illustration picture taken on May 13, 2017.  (credit: REUTERS/KACPER PEMPEL/ILLUSTRATION/FILE PHOTO)
A hooded man holds a laptop computer as a blue screen with an exclamation mark is projected on him in this illustration picture taken on May 13, 2017. (credit: REUTERS/KACPER PEMPEL/ILLUSTRATION/FILE PHOTO)

The Twitch hacker's motive was to "foster more disruption and competition in the online video streaming space," according to the Video Games Chronicle report.

About 125GB of data was leaked, including details on Twitch's highest-paid video game streamers since 2019 such as a $9.6 million payout to the voice actors of popular game "Dungeons & Dragons" and $8.4 million to Canadian streamer xQcOW, the report said.


Stay updated with the latest news!

Subscribe to The Jerusalem Post Newsletter


"Twitch leak is real. Includes significant amount of personal data," cyber security expert Kevin Beaumont tweeted.

Twitch, with over 30 million average daily visitors, has become increasingly popular with musicians and video gamers.

The platform, which was boycotted earlier this year by users for not doing enough to block harassment, previously made a move to ban users or offenses such as hate-group membership and credible threats of mass violence.