Twitch released details of a preliminary investigation into a massive data leak on Wednesday that uncovered 125 gigabytes of proprietary data and code. These include information provided by the creator of the live streaming platform, Twitch’s source code, and an unpublished Steam competitor developed by Amazon Game Studios.
“Some data was leaked to the Internet,” Twitch said, due to an error in changing the server configuration. The server was later accessed by a malicious third party, Amazon-owned company said in a blog post late Wednesday night.
“As the investigation continues, we are still in the process of understanding the impact in detail,” Twitch said.
According to Twitch, there is no evidence that the hacked data set included a login certificate. It further stated that full credit card numbers are not stored by Twitch, so that information is not disclosed.
Earlier on Wednesday, an anonymous person uploaded stolen data from Twitch to 4chan. According to the hacker’s post, titled “Twitch Leaks Part One,” Twitch data included a three-year account of the manufacturer’s payment; Source code for mobile, desktop and game console twitch clients; An unpublished Steam competitor from Amazon Game Studios; And Twitch’s internal security equipment.
Security experts say the leak was motivated by a desire to embarrass Twitch and undermine users’ confidence in the company.
In an update to his blog post early Thursday, Twitch said it resets all stream keys – codes that allow manufacturers to connect dedicated streaming software to their Twitch channels – “with a lot of caution.” Manufacturers can get the new stream key at this link.
According to Twitch, depending on which broadcast software you use, you may need to manually update your software with the new key to start your next stream. Users of Twitch Studio, Streamlabus, Xbox, PlayStation, OBS and Twitch mobile apps are told “you don’t need to take any steps to make your new key work.”