Security Wrap-Up (Oct 7th, 2021)

  • 7 October 2021
  • 1 reply

  • Anonymous
  • 0 replies



Even in a week when Facebook booted itself off the internet entirely, you likely heard/read/ranted to someone by now about the astoundingly nasty Twitch breach. So let’s talk about Twitch this week. First off, I hope you’ve already changed your password(s). Second, sigh…it’s tough to feel sorry for Twitch after some of their recent heat, but there’s really no hyperbole hyper-enough to get across how terrible this was for them. TL;DR that article - the information stolen/posted contains:

  • The entirety of Twitch’s source code with comment history “going back to its early beginnings”

  • Creator-payout reports from 2019

  • Mobile, desktop and console Twitch clients

  • Proprietary SDKs and internal AWS services used by Twitch

  • “Every other property that Twitch owns” including IGDB and CurseForge

  • An unreleased Steam competitor, codenamed Vapor, from Amazon Game Studios

  • Twitch internal “red-teaming” tools (designed to improve security by having staff pretend to be hackers)

Just…damn, y’all. Gotta lock down those servers (or at least re-name them?). Anyways, what do you guys think - does this change your opinion of Twitch/their platform’s security, or can I watch you play Ocarina of Time all night?? 🤘

1 reply

Userlevel 6

As a streamer, it definitely makes me rethink their security… Luckily I already had 2FA turned on but it’s still not a great experience with the platform. But, doesn’t change the fact that I’m going to continue to use Twitch, haha.