Seattle (AP) – The streaming platform Twitch has fallen victim to a major data theft. A stranger posted a data packet on the network, which, according to him, contains the entire programming code for the service.
The Amazon subsidiary acknowledged that it was tapping itself: it could access data from the Internet without security due to a server configuration error.
Twitch is mainly used by gamers to broadcast live the progress of video games. The site has created its own stars and it has a high audience.
The published data also include lists of alleged revenue of twitch streamers. However, above all, exposing the entire technology base can have dangerous consequences. Rdiger Trost of IT security firm F-Secure said that these could now be considered further vulnerabilities by other cyber criminals as the source material has also been leaked. More hacks are expected to come on stage, so he warned.
Login data is not explicitly affected
At the same time, Twitch stressed that there is currently no evidence that users’ login data has been compromised. This site usually does not store complete credit card numbers, so it can not be tapped. However, as a precautionary measure, the site resets the so-called stream keys, which can assign incoming live broadcast to individual users. This is to prevent twitch channels from being hijacked by others.
The published data, among other things, showed a huge revenue gap between the most important Twitch streamers, some of whom earn hundreds of thousands of dollars, and less popular users. Many streamers confirmed that the leaked information about their income on Twitter was correct.
The published program code also includes references to the yet-to-be-released competition service for the popular Steam gaming site and internal software tools used to simulate hacker attacks on Twitches. Jeff Bezos paid $ 970 million for it, the man behind the leak on the 4Chan platform wrote with a swipe to the Amazon boss. It’s free with us.
Black Platformer asked previous Twitch developers about the leak. Among other things, they said the platform did not take any precautionary measures against staff downloading large amounts of software code. Amazon, which has a reputation for strong IT security, bought back the Twitches in 2014, but the site still runs on its own security precautions, it said.
dpa-infocom, dpa: 211007-99-507871 / 5
“Avid writer. Subtly charming alcohol fanatic. Total twitter junkie. Coffee enthusiast. Proud gamer. Web aficionado. Music advocate. Zombie lover. Reader.”