Twitch data breach resulted from server configuration error

Twitch Data Breach took place a couple of days ago when an anonymous hacker published a torrent file with 125 GB worth of data on the 4chan messaging board.

As reported by,’s live streaming e-sports platform, Twitch, was a victim of a massive data breach where the company reportedly was hacked in its entirety.

As per the latest update from Twitch, the company believes an erroneous server configuration change lets unauthorized individual(s) access and leak sensitive data.

“We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party. Our teams are working with urgency to investigate the incident,” Twitch said in a blog post.

About the Leak

On Wednesday, an anonymous hacker posted a 125 GB torrent on the 4chan messaging board. The torrent contained leaked data, including:

  • Twitch source code for mobile
  • Desktop, and video game console clients
  • Creator payout reports
  • Internal security tools information
  • Code of proprietary SDKs
  • Internal AWS services code
  • Crucial details about a yet unreleased Steam competitor from Amazon Game Studios.

The screenshot below shows the content of the leaked data:

Screenshot of the leaked Twitch data (Image credit:

After analyzing the data was able to confirm the authenticity of the leaked data. The leaked data included details of Twitch’s most popular and highest-paid video game streamers since 2019.

For instance, it contained creator payout details worth $9.6 million of popular game Dungeons & Dragons voice actors and Canadian streamer xQcOW’s $8.4 million payouts.

SEE: World’s most dangerous laptop ‘Persistence of Chaos’ is up for auction

The leak is dubbed part one by the hackers, which means there’s more coming up soon. Taking a dig at Amazon founder Jeff Bezos, the hackers taunted:

“Bezos paid $970 million for this, we’re giving it away FOR FREE.”

4chan post on Twitch hack (Image credit:

Twitch’s Response

Twitch claims that it is still evaluating the breach’s impact. It has reset all stream keys and codes that let streamers connect and publish content on the platform to mitigate the threat.

SEE: Hacker selling DDOS-Guard database, source code, pirate sites data

The company clarified that there was no indication of data exploitation and that it doesn’t store complete credit card details. According to Video Games Chronicle, the Twitch hacker perhaps wanted to cause disruption and competition in the industry.

What is a Configuration Change?

A configuration change is a routine maintenance task in which an IT infrastructure undergoes essential changes such as turning on or off a network drive or changing its name. 

To Top

Pin It on Pinterest

Share This