Amazon’s Twitch Hit By Password Hack

Amazon’s Twitch online gameplay-watching service has said it appears the site has been hacked, leading to a possible compromise of usernames and passwords.

“There may have been unauthorised access to some Twitch user account information,” Twitch wrote in an advisory.

The service said it has reset user passwords and stream keys and disconnected accounts that were linked to Twitter and YouTube. “As a result, you will be prompted to create a new password the next time you attempt to log into your Twitch account,” Twitch stated.

In an email to affected users, Twitch added that the passwords involved were encrypted, but still may have been accessed. As a result, it advised users to change usernames and passwords on other sites that are identical or similar to those used on Twitch.

The company declined to provide further details, including the timing and duration of the hack and how many users were affected. Twitch has about 100 million viewers per month.

Hacker interest

The San Francisco-based operation was acquired by Amazon for nearly $1bn (£640m) last year, beating out a rival bid from Google. It allows users to watch others play video games, generating substantial advertising revenues.

Hackers have also been attracted by Twitch’s large user base – shortly after the acquisition, security experts warned of a malware campaign targeting Twich users, with malicious code appearing via the site’s chat feature.

Are you a security pro? Try our quiz!