Massive Twitch data breach sees hackers release source code, contributor payouts, and unannounced software

Twitch logo on a phone screen
(Image credit: NurPhoto / Contributor)

Twitch's data has been leaked on a significant scale, including source code for the site, an unreleased Steam competitor, and details of contributor payouts.

"We can confirm a breach has taken place," Twitch wrote on Twitter at 11 AM Eastern today. "Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us."

The leak is malicious in nature, but it's unclear whether user data itself was exposed, as most of the information so far points to internal information being the target. As reported earlier in the day by by VGC an anonymous hacker posted to 4chan earlier this week with a 125GB torrent link, which they claim contains the "entirety of twitch.tv, with commit history going back to its early beginnings."

"Their community is also a disgusting toxic cesspool, so to foster more disruption and competition in the online video streaming space, we have completely pwned them," the post reads. The hacker claims that the torrent file also includes:

  • Mobile, desktop and console Twitch clients
  • Various proprietary SDKs and internal AWS services used by Twitch
  • Every other property that Twitch owns including IGDB and CurseForge
  • An unreleased Steam competitor from Amazon Game Studios
  • Twitch SOC internal red teaming tools
  • Creator payouts from 2019 until now

Creator payout data has already begun making the rounds online, as well as small bits of information on Amazon's unreleased Steam competitor. Dubbed Vapor, it appears to make use of the majority of Twitch' features, along with special built-in support for popular games like Fortnite and PUBG according to @Sinoc229 on Twitter. There's also a separate game called Vapeworld, assumed to be something along the lines of a VR chatroom.

As streamers across the world awoke to discover the news today, many chimed in to corroborate that leaked payout information about them was accurate. The mood among streamers seems fairly chill though, with most goofing on each other and keeping things lighthearted. HasanAbi has acknowledged the leak, along with xQc and Sodapoppin

The hacker claims that this is just "part one" of the leak, with presumably more to come in the future. You also may want to change your Twitch password as a precaution, as Sinoc says the file contains encrypted passwords. With anyone currently able to get their hands on the file, it would be best to err on the side of caution.

Mollie Taylor
Features Producer

Mollie spent her early childhood deeply invested in games like Killer Instinct, Toontown and Audition Online, which continue to form the pillars of her personality today. She joined PC Gamer in 2020 as a news writer and now lends her expertise to write a wealth of features, guides and reviews with a dash of chaos. She can often be found causing mischief in Final Fantasy 14, using those experiences to write neat things about her favourite MMO. When she's not staring at her bunny girl she can be found sweating out rhythm games, pretending to be good at fighting games or spending far too much money at her local arcade.  

TOPICS