Slashdot Mirror

← Back to Stories (view on slashdot.org)

Possible Twitch.tv Security Breach

Posted by Soulskill on from the another-day,-another-breach dept.

New submitter FalleStar writes: Today, the world's largest video game livestreaming website, Twitch.tv, posted the following blog entry: "We are writing to let you know that there may have been unauthorized access to some Twitch user account information. For your protection, we have expired passwords and stream keys and have disconnected accounts from Twitter and YouTube. As a result, you will be prompted to create a new password the next time you attempt to log into your Twitch account. We also recommend that you change your password at any website where you use the same or a similar password." The full details of the breach have yet to be released. Back in a 2013 blog post, Twitch reported that one of their CDNs had mistakenly exposed user account information, and they mentioned that their user passwords are hashed, but did not indicate whether or not they are salted. In addition to the blog post, Twitch users are being notified of the intrusion by email. According to one such email, compromised data may include the last IP address a user logged in from, as well as some credit card information — but not full card numbers, since Twitch doesn't store those.

49 comments

  1. Can't delete my account by Anonymous Coward · · Score: 1

    They're pulling some serious Facebook shenanigans here.

    1. Re:Can't delete my account by Anonymous Coward · · Score: 0

      You are the product!

  2. Google Play store wants CCNs by hackwrench · · Score: 1

    And now Google Play store wants credit card numbers for free apps. They can forget about it.

    1. Re:Google Play store wants CCNs by raynet · · Score: 1

      Just installed an app from Google Play and didn't need to give credit card number.

      --
      - Raynet --> .
    2. Re:Google Play store wants CCNs by Anonymous Coward · · Score: 1

      Don't mistake the free ones for the free ones that have in-app-purchases. That's why they want your credit card number It's just a trick they use to get the app listed in the "free" category.

    3. Re: Google Play store wants CCNs by hackwrench · · Score: 1

      They may be rolling it out in stages or may not require it if you're signed up with Google wallet.

    4. Re: Google Play store wants CCNs by JimFive · · Score: 1

      They keep asking for it, but it isn't required (yet?).
      --
      JimFive

      --
      Please stop using the word theory when you mean hypothesis.
    5. Re: Google Play store wants CCNs by Anonymous Coward · · Score: 0

      They've been nagging for it for a long time. All you have to do is refuse and try again. Eventually, it gives up and lets you have the app without getting your CC#. Obviously, this doesn't work for paid apps.

      I don't think I've ever had to refuse to give it my CC# more than 3 times. Yeah, I'm pretty stubborn. And Google can just deal with it.

  3. Re:pwned by GrandCow · · Score: 1

    What exactly were they showing off? Also you come off as some idiot teenager trying to take some credit for someone elses hack.

    --
    "Well kids, you tried your best, and you failed. The lesson is, never try." -Homer Simpson
  4. eeh.... by Anonymous Coward · · Score: 0

    Changing my password? Forget it. I putting back the same one I used. Not like my twitch account has anything important related to it, just made it to get notifications from certain streamers.

  5. Re:Why would give them your cc? by Anonymous Coward · · Score: 3, Informative

    You can subscribe to channels for 5USD/month or so, this gives the channel and twitch money. Or you can buy the Twitch's subscription that disables all ads. Both of these require money, and thus you'd need a credit card to take advantage of.

  6. Re:pwned by Anonymous Coward · · Score: 0

    Come off me bro!

  7. Re: Why would give them your cc? by muphin · · Score: 1

    I don't post Anonymously to make a point.
    I am a CEO not some fat bludger stuck in his parents basement (as you like to generalize), and i watch the guys, they are entertaining and also allows me to watch games i haven't played to see if its worth getting.
    I do pay VIA PayPal through and not credit card, i support he people the put int he effort to entertain me ... i have a life and i live it the way i want cause its MY LIFE.

    --
    It's not a typo if you understood the meaning!
  8. Re: Why would give them your cc? by Anonymous Coward · · Score: 1

    Wow. How do you manage to not kill yourself every single day?

  9. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    I know, but my point is that it's a waste of money. Get a life and a healthy or productive hobby. Do something better with your life than living a life revolving around gaming.

    How about this, go and talk to the people who have guns as a hobby first. If you get them to change their mind then I will consider it too.

  10. Re: Why would give them your cc? by Anonymous Coward · · Score: 1

    I'm more surprised that no-one else has.

  11. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    People pay real money all the time for Live sports channels, through ESPN, FOX Sports etc. How are Streams any different?

    How does watching a Stream of a professional League of Legends match make you any different to the people paying to watch Rugby? or Soccer? or Gridiron?

    Also: the fact that you jump to the conclusion that anyone who watches streams is automatically an overweight, sexist, "stereotypical" nerd and tying in 'Gamergate' just makes you look like a fool.

  12. This puts a new spin on swatting. by Mal-2 · · Score: 1

    This may affect the way we think about the people who have been swatted while using Twitch. Maybe they didn't even give away their personal information, but had it extracted at another time, behind their backs, and held until someone felt like causing them the most possible trouble.

    --
    How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
  13. Fixed that for you by Anonymous Coward · · Score: 0

    Also: the fact that you jump to the conclusion that anyone who watches streams is automatically an overweight, sexist, "stereotypical" nerd and tying in 'Gamergate' just makes you look like a TROLL.

    1. Re:Fixed that for you by Anonymous Coward · · Score: 0

      It is a troll. Quit feeding it. Mod it into oblivion, call it a day.

  14. Twitch.tv by fustakrakich · · Score: 1

    And they aarrre... who? I don't see them on the list.

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:Twitch.tv by Zedrick · · Score: 1

      From the summary: "the world's largest video game livestreaming website".

      There's also a website with more information about twitch.tv: http://twitch.tv/

    2. Re:Twitch.tv by fustakrakich · · Score: 1

      Yeah yeah, you know what facetious means... What really intrigues me is the amount of money involved in the industry....

      Just found out, 'celebrityism' is really a word. We never had this problem before recording and reproduction of light and sound was possible.

      --
      “He’s not deformed, he’s just drunk!”
    3. Re:Twitch.tv by Anonymous Coward · · Score: 2, Insightful

      What really intrigues me is the amount of money involved in the industry....

      Shouldn't be that surprising, at the conference that was held together with Dreamhack Valencia 2011 the representative from CBSi claimed that streamed gaming generated more viewer minutes every month than SuperBowl. The dude from Swedish television said that e-sport was the only segment they had where young males weren't underrepresented.
      Neither of the statements really says anything about the money involved, but it has been clear for a long time that there is a potential for a pretty lucrative industry.
      As for traditional television they have been dropping viewers for a long time and they know it. Younger people don't watch TV and if this continues they might not even bother to get one. Competitive gaming could be one of the things that traditional TV needs to stay alive.

    4. Re: Twitch.tv by Anonymous Coward · · Score: 0

      Watching games isn't much different than watching sports

  15. Sure... by Mashiki · · Score: 1

    It sure sounds like it's a "possible" breach. I mean actually, it was a breach. Does the submitter work for them or something?

    --
    Om, nomnomnom...
    1. Re:Sure... by Anonymous Coward · · Score: 0

      I'm going to go on a limb and say that they had a security breach before anyone exploited it.

      "change your password at any website where you use the same or a similar password."
      This means they've been storing passwords in plaintext. Why isn't this yet illegal?

    2. Re:Sure... by Mashiki · · Score: 1

      This means they've been storing passwords in plaintext. Why isn't this yet illegal?

      Probably the same reason why people use SHA256 for hashing still, they're dense as a post and asking for someone to take it all.

      --
      Om, nomnomnom...
  16. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    Owning a gun could save your life.

    Gaming is just entirely pointless.

  17. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    It makes you less of a man.

  18. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    tl;dr: stop liking what I don't like

  19. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    don't forget the neckbeard that's cheetos orange.

  20. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    I am a CEO not some fat bludger stuck

    Oh, so you're a worthless douchebag who thinks we should be impressed with your fancy title?

    If you were a "real" CEO, you'd have more important stuff to do. Instead you're the idiot kind of CEO who works for a small company but gave himself a big title.

    Probably a big bonus, too.

    Go boil your head. Around here, CEOs are assumed to be worthless assholes. You sound the part.

  21. WTH?! by Anonymous Coward · · Score: 0

    I received the full email warning about the breach from Twitch. Odd thing is I had never heard of Twitch.TV and I don't do video gaming. Wondering why I received the email. Could this be a larger Amazon security issue?

    1. Re:WTH?! by Anonymous Coward · · Score: 0

      I wasn't even aware I'd had an account on twitch.tv and I got the same message. Now you're making me paranoid.

  22. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    The same can be said for watching TV or reading.

    Also, having a gun means you or some one you live with is more likely to get shot by a gun

  23. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    Oh please, the difference between watching people physically compete vs watching a video game?

    A "live" video game could be the equivalent of lip synced with a prerecorded video and you wouldn't be able to tell the difference if the players were just mashing buttons and waggling mouses. I'm not saying they ever are, but at least a pop singer still puts on a show if they are.

    Watching strangers playing video games over the Internet... Now that's just about as sad as drinking at home alone. I'm sure people DO enjoy it.

  24. Re: Why would give them your cc? by Bonzoli · · Score: 1

    Gaming teaches complex problem solving, organizational skills, reading, profanity improvement, socializing on several levels more constant, and its better than wasting time on TV. So if the option was TV then yes gaming is a huge improvement in many cases. If the option is exercising and team sport where you socialize, then its not as good because there is no exercise other than the mind.
    Certainly getting a higher level of education trumps all of this, but not everyone is above average.
    I'd rather have people gaming vs Drinking and driving. I'd throw in an requirement they should all have a job of some sort, oddly enough I find most older gamers are disabled or X military. Which means they will probably all grow out of it when they run out of food in the basement.

  25. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    There is no point in life without entertainment, or hope of future entertainment.

    It is the culmination of the existence, what comes out of being: the sensations, the sentiments, and the emotions.

    The rest is body sustainance and reproduction, which by themselves make for a very restricted experience.

    Of course there is the matter of entertainment quality, and for sure many games and game practices, like many other acts attributed to entertainment, are very dull and limited, if not counter to entertainment. Many however are most entertaining, and provide great experiences.

    Simply watching people play can very much be an entertaining experience, first as any story you may not be directly in control of (like most books or movies), and second with the possible added commentary and random talking of another human. Even watching someone play a game you already played can provide many points of entertainment.

    Plus anything could save your life. Farting now could save your life ten years from now.

  26. Re: Why would give them your cc? by Bonzoli · · Score: 1

    Oddly I thought the same until I listened to the successful ones. They are actually comedian's that play video games. Very humorous what others can think of when they get blown up online.

  27. Re: Why would give them your cc? by Shatrat · · Score: 1

    Correlation is not causation. Living in a high crime area motivates people to defend themselves.

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
  28. Re: Why would give them your cc? by Krojack · · Score: 1

    Why do you give a shit? People do what they want with their money. If this is what they enjoy then so be it. Stop trying to tell people what you think is best for them and worry about your own self.

  29. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    Nothing like like the truth you posted to get you a -1 here on /. & rouse the "fearsome ire" of these milksops!

  30. Re: Why would give them your cc? by Anonymous Coward · · Score: 0

    BINGO & agreed 110% (I've worked with enough of those leeches off the talents of others, for decades mind you, to 'second you' in a heartbeat)! Most of them are worthless (& I have the same degrees they do with CS ontop of it, was upper mgt. myself & couldn't stand the truth of myself then, which IS what you stated, hence going back getting an actually useful practical degree instead). As far as what you said folks assume here? It's no mere assumption. It's 100% truth. Are the slacker, 'secret-handshake society' fratboy types worth a plugged nickel? Hell no. They're either from money they inherited, related to the biggest shareholder on the board of directors (douchebag leeches) or joined the masons (a pack of crooks living a fucking lie pushing out the right people for the job for "one of their own").

  31. You're only fooling yourself. Why? Ok by Anonymous Coward · · Score: 0

    That hides exactly "0" as 99% of those here browse below the bs "moderation system" 0 level!

    We all see -1 posts (best ones usually).

    This place is bullshit in that capacity. It lets little pricks like YOU feel 'superior'. NewsFlash - you're not. Far from it. You're vastly inferior worms & wannabes from what I've seen!

    In fact, I'll say this right now - I've only met a small handful of ANYONE HERE posting that impresses me on a computing technical level to be quite honest over a decade long timeframe.

    I.E.-> Let's talk MORE on the bullshit "moderation system" (more like suppression system of ideas that don't fit the herd mind of sockpuppets here furthering their own bullshit agendas, which doesn't work! How come Open SORES is still DEAD LAST on PC's & Servers combined vs. MS then I ask you, as a SINGLE example thereof):

    Why doesn't the ownership here allow you to see how up or down modded you?

    Oh, they'll spout their BULLSHIT saying "It would start flame wars" well, dimwits? YOU HAVE THEM ANYHOW... you like them no matter what, as it gets more views/hits (not from me you don't - & most here I imagine - we cut off your trackers via hosts & firewalls and stall javascript - fuck your "registered luser" accounts that make you trackable sheep too).

    Man: ALL That above?

    Yes folks - It tells you about THEIR character (rather the original weasels who started the site actually, as they designed it) - they're weaselly little NERDS who have had to "hide" their entire lives like worms, acting like women do!

    (Yes people, your GHOST shows thru when you write wares onto these machines, & their spirits suck imo - the system here proves it for me - it allows weasels like YOU to harass others & more, prick).

    E.G.-> Moderation here is MASSIVELY ABUSED (& the ironically droll part is all the "freedome of speech" & speech shouldn't be surpressed utter BULLSHIT I hear from a lot of you overly liberal bullshitters - YOU'RE THE BIGGEST ABUSERS OF IT & you are PROOF, prick!)

    I.E.-> Anyone can cheat using diff. emails and multilple sockpuppets (for those of you worms farming karma to play your whimp game).

    APK

    P.S.=> Your kind is simply the LOWEST of the LOW, which is WHY guys like me beat the fuck out of you in school, and fucked your girlfriend in front of you MAKING YOU WATCH, squirming like the worm your kind is in this life... apk