Twitch, Amazon’s popular streaming service where gamers and content creators broadcast to wide audiences, recently suffered a data breach. Thanks to this data breach, folks on the Internet now know just how much these content creators make, and it has exposed a whole new issue that Amazon must resolve.
ZDNet reports that, “A hacker leaked the entirety of Twitch’s source code alongside a 128GB trove of data that included creator payouts going back to 2019, proprietary SDKs and internal AWS services used by Twitch, as well as all of the company’s internal cybersecurity red teaming tools.” Most users simply focused on the earnings of high-profile streamers, but as time has passed, more folks are looking at the event as something that can be learned from, particularly in regards to data privacy and security.
Twitch’s official response was that users should protect their bank accounts and other affected credentials, resetting the stream keys that are used to connect Twitch to various streaming platforms and broadcasting systems. At this time of writing, there has been no indication that credit card information or login credentials were exposed, but when it comes to network security, one can never be too careful.
This issue stems from a configuration error that left certain information exposed to the Internet. Several of these errors have popped up for various software developers, whether they are actual errors or negligence on the service side of things, and these errors have led to data breaches for other services. In any case, there isn’t much to be done besides taking the appropriate precautions yourself.
The biggest issue that comes from this event is that the Twitch application’s source code was leaked online, meaning that hackers can now use this information to discover more flaws in the source code and release it online. Plus, considering that Twitch is far from the only video streaming service out there, imagine the intellectual property complications of other streaming services getting their hands on this source code.
Ultimately, you must always remain vigilant; even if you do everything right, one muck-up on the service provider’s end, like a configuration issue, could spell trouble for your organization. You should only work with providers whom you know you can trust.
Wolk9IT wants to be one such provider for your technology management needs. You can count on us to honor your security expectations. To learn more, reach out to us at (646) 741-1166.