Twitch hacked, full source code, dev tools, and creator details leaked online


Users advised to reset stream keys and update passwords

[Update: Twitch has confirmed that the data breach is genuine and will update the community about the hack when it has more information.]

According to reports this morning, Twitch has been hacked wide-open by person or persons unknown. The live-streaming site’s source code, along with an abundance of related account data, has been supposedly leaked as an online torrent.

First reported by VGC, the 128GB release was uploaded onto online forums by an anonymous hacker, who claimed that they found the Twitch community a “disgusting toxic cesspool” with the goal of the hack/leak being to “foster more disruption and competition in the online video streaming space”. The leak appears to be genuine, as members of the public have already begun sifting through the torrent’s contents in order to publish private data and details pertaining to popular streamers and — more specifically — their earnings.

The hacked data is said to contain the entirety of the build — which includes clients for desktop, mobile, and console, as well as comment histories; a selection of proprietary SDKs and internal AWS services; all associated Twitch properties including IGDB and CurseForge; internal developer “red-teaming” tools, (used for the purpose of hack testing); an unreleased “Steam-style” platform which was originally conceived by Amazon Game Studios; and Creator Payout Reports, reportedly dating as far back as 2019.

It is assumed that a huge data dump of Twitch users’ personal details is also in the mix, and thus it would be wise for all users to reset their Stream Keys and update their associated passwords.

Twitch is yet to officially comment on the event. According to a VGC source, the company is aware of the security breach, with suggestions that the data was hacked as recently as Monday, October 4.