Twitch has released a statement confirming that passwords and login credentials were not exposed, following a massive security breach last week.
After Twitch’s source code was reportedly hacked in its entirety on October 6, the streaming platform has released a statement confirming that “Twitch passwords have not been exposed”.
The company has also said that it is “confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH/bank information.”
Although passwords and critical financial information remain secure and “customer impact is minimal”, the security breach managed to leak “documents from Twitch’s source code repository, as well as a subset of creator payout data”.
In response to the data breach, Twitch has “undergone a thorough review of the information included in the files exposed” and found that “it only affected a small fraction of users”, who the company is in the process of contacting.
“We take our responsibility to protect your data very seriously. We have taken steps to further secure our service, and we apologise to our community,” reads the last paragraph in Twitch’s statement.
Last week, Twitch reset stream keys “out of an abundance of caution” and confirmed that the hack was conducted by a “malicious third party” that managed to access a server configuration change.
Despite Twitch stating that passwords are safe, security experts have recommended that “all users should obviously change their passwords, and use 2FA (two-factor authentication) if they are not doing so already”.
In other news, Steam has updated its rules and guidelines to state that games involving NFT or cryptocurrency trading will not be welcome on the storefront. Following Steam‘s updated guidelines, one game that uses NFTs has reportedly been told that it will be imminently removed from the platform.
The post Twitch states “passwords have not been exposed” since security breach appeared first on NME.
