![]() Shockingly, at the time, Twitch had few staff with responsibility for cybersecurity. The incursion was judged as having “the characteristic of a minimally skilled adversary.” In other words, it appeared that an amateur had gained access. ![]() In the 2014 breach, which occurred just after the company’s acquisition by Amazon, an engineer discovered traces of unauthorized access in the game streaming service system logs. ![]() We are also confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank information.”Īs noted, this latest hack was not the first Twitch experienced. “ …the incident was a result of a server configuration change that allowed improper access by an unauthorized third party … Twitch passwords have not been exposed. So far, the company hasn’t said much about the cause of the latest Twitch hack other than to say: Source: Twitter How Did the Twitch Hack Happen? While user account login credentials and other personally identifiable information were not revealed, the data leak did include Twitch creator account earnings for the period from August 2019 to October 2021, which had not been previously public. One of the biggest problems for Twitch will be the publishing of the game streaming service’s source code because, as with the breach it experienced in 2014, the company will probably have to do a complete system rewrite to reduce the potential attack surface. The stolen content was published by an anonymous 4chan user in a 125GB torrent with the message, “Jeff Bezos paid $970 million for this, we’re giving it away FOR FREE.” The user also claimed that this was “part one,” which implies there may be more stolen content to come from the data exfiltration. Data on other Twitch properties including Vapor, IGDB, and CurseForge.An unreleased Steam competitor from Amazon Game Studios.Source code related to proprietary SDKs and internal AWS services used by Twitch.Mobile, desktop, and video game console source code of Twitch clients.The entirety of the platform’s source code, “with commit history going back to its early beginnings”.Records of three years of twitch creator payouts.When the Twitch game streaming service was hacked on October 6, 2021, the big news story was less about the fact the service got hacked but rather more about the breadth and depth of the data exfiltration: The hackers took a copy of everything on Twitch’s servers including: In February 2020, the service delivered content from three million twitch creators every month, served 15 million daily active users, and serviced an average of 1.4 million concurrent users. It also offers esports and music broadcasts. Twitch, acquired by Amazon in 2014 in a $970 million all-cash deal, is the 800-pound gorilla of video game streaming. On the other hand, should you be unlucky, you might end up like the computer game streaming service, Twitch. If you’re lucky, the consequences of the attack will be minimal-maybe just an easily analyzed and resolved website defacement. It’s not an “if,” it’s a “when.” No matter what you do, no matter how robust your think your cyber defenses are, one way or another your organization will eventually get hacked.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |