Following the big incident on October 6th, Twitch has issued an update, reassuring users that their login credentials should be safe, but resetting stream keys for everyone out of “an abundance of caution.”
A data breach on October 6 collected approximately 120GB of internal Twitch files, including source code and earnings data for top streamers have made headlines recently. Twitch verified the breach later in the day and stated that they were working quickly to determine the scope of the problem.
They further issued an update on October 7th telling users that all stream keys had been reset. A stream key is a one-of-a-kind identifier that connects a broadcaster’s streaming software to their Twitch channel. A stream key would be a critical component if a bad actor tried to ‘hack’ into a channel and stream from it, making it one of the most secure pieces of data.
Twitch even advises users not to disclose their stream key with Twitch employees in order to keep it safe.
Twitch announced on its blog that: “Out of an abundance of caution, we have reset all stream keys. Depending on which broadcast software you use, you may need to manually update your software with this new key to start your next stream.”
One of the major concerns following the incident was that personal information such as user passwords will be exposed. Some speculated that the data was in the leak, but that it was encrypted, and that it would remain private unless it was targeted. However, in their blog, Twitch states “At this time, we have no indication that login credentials have been exposed. We are continuing to investigate.”