Slashdot Mirror

← Back to Stories (view on slashdot.org)

Possible Twitch.tv Security Breach

Posted by Soulskill on from the another-day,-another-breach dept.

New submitter FalleStar writes: Today, the world's largest video game livestreaming website, Twitch.tv, posted the following blog entry: "We are writing to let you know that there may have been unauthorized access to some Twitch user account information. For your protection, we have expired passwords and stream keys and have disconnected accounts from Twitter and YouTube. As a result, you will be prompted to create a new password the next time you attempt to log into your Twitch account. We also recommend that you change your password at any website where you use the same or a similar password." The full details of the breach have yet to be released. Back in a 2013 blog post, Twitch reported that one of their CDNs had mistakenly exposed user account information, and they mentioned that their user passwords are hashed, but did not indicate whether or not they are salted. In addition to the blog post, Twitch users are being notified of the intrusion by email. According to one such email, compromised data may include the last IP address a user logged in from, as well as some credit card information — but not full card numbers, since Twitch doesn't store those.

22 of 49 comments (clear)

  1. Can't delete my account by Anonymous Coward · · Score: 1

    They're pulling some serious Facebook shenanigans here.

  2. Google Play store wants CCNs by hackwrench · · Score: 1

    And now Google Play store wants credit card numbers for free apps. They can forget about it.

    1. Re:Google Play store wants CCNs by raynet · · Score: 1

      Just installed an app from Google Play and didn't need to give credit card number.

      --
      - Raynet --> .
    2. Re:Google Play store wants CCNs by Anonymous Coward · · Score: 1

      Don't mistake the free ones for the free ones that have in-app-purchases. That's why they want your credit card number It's just a trick they use to get the app listed in the "free" category.

    3. Re: Google Play store wants CCNs by hackwrench · · Score: 1

      They may be rolling it out in stages or may not require it if you're signed up with Google wallet.

    4. Re: Google Play store wants CCNs by JimFive · · Score: 1

      They keep asking for it, but it isn't required (yet?).
      --
      JimFive

      --
      Please stop using the word theory when you mean hypothesis.
  3. Re:pwned by GrandCow · · Score: 1

    What exactly were they showing off? Also you come off as some idiot teenager trying to take some credit for someone elses hack.

    --
    "Well kids, you tried your best, and you failed. The lesson is, never try." -Homer Simpson
  4. Re:Why would give them your cc? by Anonymous Coward · · Score: 3, Informative

    You can subscribe to channels for 5USD/month or so, this gives the channel and twitch money. Or you can buy the Twitch's subscription that disables all ads. Both of these require money, and thus you'd need a credit card to take advantage of.

  5. Re: Why would give them your cc? by muphin · · Score: 1

    I don't post Anonymously to make a point.
    I am a CEO not some fat bludger stuck in his parents basement (as you like to generalize), and i watch the guys, they are entertaining and also allows me to watch games i haven't played to see if its worth getting.
    I do pay VIA PayPal through and not credit card, i support he people the put int he effort to entertain me ... i have a life and i live it the way i want cause its MY LIFE.

    --
    It's not a typo if you understood the meaning!
  6. Re: Why would give them your cc? by Anonymous Coward · · Score: 1

    Wow. How do you manage to not kill yourself every single day?

  7. Re: Why would give them your cc? by Anonymous Coward · · Score: 1

    I'm more surprised that no-one else has.

  8. This puts a new spin on swatting. by Mal-2 · · Score: 1

    This may affect the way we think about the people who have been swatted while using Twitch. Maybe they didn't even give away their personal information, but had it extracted at another time, behind their backs, and held until someone felt like causing them the most possible trouble.

    --
    How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
  9. Twitch.tv by fustakrakich · · Score: 1

    And they aarrre... who? I don't see them on the list.

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:Twitch.tv by Zedrick · · Score: 1

      From the summary: "the world's largest video game livestreaming website".

      There's also a website with more information about twitch.tv: http://twitch.tv/

    2. Re:Twitch.tv by fustakrakich · · Score: 1

      Yeah yeah, you know what facetious means... What really intrigues me is the amount of money involved in the industry....

      Just found out, 'celebrityism' is really a word. We never had this problem before recording and reproduction of light and sound was possible.

      --
      “He’s not deformed, he’s just drunk!”
    3. Re:Twitch.tv by Anonymous Coward · · Score: 2, Insightful

      What really intrigues me is the amount of money involved in the industry....

      Shouldn't be that surprising, at the conference that was held together with Dreamhack Valencia 2011 the representative from CBSi claimed that streamed gaming generated more viewer minutes every month than SuperBowl. The dude from Swedish television said that e-sport was the only segment they had where young males weren't underrepresented.
      Neither of the statements really says anything about the money involved, but it has been clear for a long time that there is a potential for a pretty lucrative industry.
      As for traditional television they have been dropping viewers for a long time and they know it. Younger people don't watch TV and if this continues they might not even bother to get one. Competitive gaming could be one of the things that traditional TV needs to stay alive.

  10. Sure... by Mashiki · · Score: 1

    It sure sounds like it's a "possible" breach. I mean actually, it was a breach. Does the submitter work for them or something?

    --
    Om, nomnomnom...
    1. Re:Sure... by Mashiki · · Score: 1

      This means they've been storing passwords in plaintext. Why isn't this yet illegal?

      Probably the same reason why people use SHA256 for hashing still, they're dense as a post and asking for someone to take it all.

      --
      Om, nomnomnom...
  11. Re: Why would give them your cc? by Bonzoli · · Score: 1

    Gaming teaches complex problem solving, organizational skills, reading, profanity improvement, socializing on several levels more constant, and its better than wasting time on TV. So if the option was TV then yes gaming is a huge improvement in many cases. If the option is exercising and team sport where you socialize, then its not as good because there is no exercise other than the mind.
    Certainly getting a higher level of education trumps all of this, but not everyone is above average.
    I'd rather have people gaming vs Drinking and driving. I'd throw in an requirement they should all have a job of some sort, oddly enough I find most older gamers are disabled or X military. Which means they will probably all grow out of it when they run out of food in the basement.

  12. Re: Why would give them your cc? by Bonzoli · · Score: 1

    Oddly I thought the same until I listened to the successful ones. They are actually comedian's that play video games. Very humorous what others can think of when they get blown up online.

  13. Re: Why would give them your cc? by Shatrat · · Score: 1

    Correlation is not causation. Living in a high crime area motivates people to defend themselves.

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
  14. Re: Why would give them your cc? by Krojack · · Score: 1

    Why do you give a shit? People do what they want with their money. If this is what they enjoy then so be it. Stop trying to tell people what you think is best for them and worry about your own self.