Perfect Timing: Twitch Gets Compromised With Voluminous Leak Of Data Via Torrent
from the here-we-go-again dept
It's no secret that Amazon-owned Twitch has had a rough go of it for the past year or so. We've talked about most, if not all, of the issues the platform has created for itself: a DMCA apocalypse, a creative community angry about not being informed over copyright issues, unclear creator guidelines for content that result in punishment from Twitch while some creators happily test the fences on those guidelines, and further and ongoing communication breakdowns with creators. All of that, mind you, has taken place over the last 12 months. It's been bad. Really bad!
But great news: now it's even worse! Someone managed to get into the Twitch platform and leak it. As in pretty much all of it. And even some information on a Steam-rival Amazon is planning to release. Seriously.
An anonymous hacker claims to have leaked the entirety of Twitch, including its source code and user payout information.
The user posted a 125GB torrent link to 4chan on Wednesday, stating that the leak was intended to “foster more disruption and competition in the online video streaming space” because “their community is a disgusting toxic cesspool”.
The leaked Twitch data reportedly includes:
-The entirety of Twitch’s source code with comment history “going back to its early beginnings”
-Creator payout reports from 2019
-Mobile, desktop and console Twitch clients
-Proprietary SDKs and internal AWS services used by Twitch
-“Every other property that Twitch owns” including IGDB and CurseForge
-An unreleased Steam competitor, codenamed Vapor, from Amazon Game Studios
-Twitch internal ‘red teaming’ tools (designed to improve security by having staff pretend to be hackers)
As you can see, yeah, pretty much everything. And keep in mind that whoever leaked this via torrent has noted that this is "part 1". Now, while a great deal of attention is being paid to Vapor, an unreleased platform created by Amazon to compete with Steam, let's focus instead on the release of the financial compensation for Twitch creators. Because this represents yet another failure by Twitch to protect its own creative community.
How detailed are these financial records. Extremely, as it turns out, with names and dollar amounts attached so that enterprising individuals are able to rank them. For instance, my own beloved Critical Role appears to be the top Twitch earner since 2019.
The gross payouts of the top 100 highest-paid Twitch streamers from August 2019 until October 2021: pic.twitter.com/3Lj9pb2aBl
— KnowSomething (@KnowS0mething) October 6, 2021
Now, I love Critical Role and am quite pleased that they're doing so well for themselves. But I'm pretty sure they also aren't loving their exact compensation through Twitch being out there for the entire world to see. I need to avoid getting into a victim-blaming issue here, since Twitch is very much a victim of this hack/compromise/leak... but we also don't have details from Amazon as to how this leak occurred, only that it is authentic. The next question is obvious: did Twitch do something stupid that left itself vulnerable to this sort of thing?
We don't know. But this is the problem when a platform torches its reputation among its own creative like Twitch has over the last year or so. There's no goodwill in the bank for Twitch to rely on as it navigates through the fallout of all this. And, while it's worth noting that the person posting this leak claims they did so out of anger with how Twitch operates and its "toxic cesspool" of a community, the public and media framing of this leak has shown little sympathy for the platform overall.
This all comes at a time of much tribulation for Twitch, with the #DoBetterTwitch/#TwitchDoBetter hashtags at the forefront of efforts by users to demand a better service from the platform, including boycotts to demand action over hate raids. Twitch seems to be making some positive moves, but then always finds a way to do something terrible too.
If Twitch wants to start repairing this reputation, it should be in full "good PR" mode: admit what happened, be transparent, do not talk about other great things you've done, build a plan to repair this. Sadly, given Twitch's history, it's an open question whether it will do the right thing or not.
Filed Under: data leak, live streamers
Companies: amazon, twitch