Live video broadcast service Twitch has been hit by a massive hack that exposed the company’s 125GB of data. In a 4chan thread posted (and deleted) Wednesday, an anonymous user posted a torrent file of a multi-gig data dump. The dump contains the company’s source code and details of the money Twitch creators have earned.
Twitch admits to breaking up but is unsure of “extent”
In a 4chan post seen by Ars today, an anonymous user claimed to have leaked 125GB of data picked up from 6,000 internal Twitch Git repositories. The forum poster mocked Amazon’s acquisition of Twitch, writing, “Jeff Bezos paid $970 million for this, we’re giving it away for free.”
The hacker wrote that the leak was intended to create disruption and promote competition among video streaming platforms. The hacker went on to say that Twitch’s “community is a disgusting, toxic cesspool.”
Twitch acknowledged the breach but did not respond to Ars’ questions. At this point, it appears that even Twitch is not aware of the full extent of the breach, as the company is still working out the details:
We can confirm that a breach has occurred. Our teams are working diligently to understand this extent. We will update the community as additional information becomes available. Thank you for staying with us.
— Twitch (@Twitch) October 6, 2021
Earnings of top Twitch creators revealed
The same thread on 4chan claimed to uncover “Creator Payout Reports From 2019 to Now. Find Out How Much Your Favorite Streamer Is Really Making!”
Notably, the 125GB archive is titled “Part One”, indicating the possibility of leaks in the future.
A small subset of the data seen by Ars shows the earnings of the top 10,000 Twitch users next to their usernames. there was an updated list deployment of by game maker Last night, And a Twitter user analyzing the dump posted a detailed analysis of the payout:
Gross payouts of the top 100 highest-paid Twitch streamers from August 2019 to October 2021: pic.twitter.com/3Lj9pb2aBl
— Know Something (@KnowS0thing) October 6, 2021
Confirmed by an anonymous Twitch source video game chronicle That the leaked data, including Twitch’s source code, is legitimate. According to a company source, the data was obtained as recently as Monday.
The 4chan poster claims that the leaked data dump includes:
- Complete source code of twitch.tv, with commit history from the beginning
- Creator Payout Report starting 2019
- Mobile, desktop and video game console Twitch clients
- Proprietary SDK and internal AWS services used by Twitch
- Data from “every other Twitch-owned asset” including IGDB and CurseForge
- Information about an unreleased Steam competitor (“Vapor”) from Amazon Game Studios
- Twitch’s internal “red teaming” tool used by SOC (security) teams
The dump also reportedly includes the Unity source code for a game called “”.vaporworld“
Parts of the leaked archive are huge and have large zips, and it may be days before the full extent of the breach is understood:
Some Twitter users have also claimed to have seen encrypted passwords present in the dump and are urging Twitch users to enable two-factor authentication and change the password as a measure of security.
The hack puts more bad news on Twitch’s plate and follows the recent and long-awaited public backlash to the hate raid issues. During such raids, obscene and hate speech by users and bots is fed into the main chat feed of the site.
Interestingly, NBC’s technical investigation reporter Olivia Solan says that all of Amazon’s warehouse systems were hit by a network interruption Last night, however, the company would not confirm whether the incident was linked to the Twitch hack.
According to Solon:
Amazon warehouse workers across the US were unable to work for at least two hours last night because their internal software crashed and none of their scanners were working.
All Amazon would say was that it was a “network disruption that was quickly resolved.”
Amazon’s 2014 acquisition of Twitch said the entity would operate “independently” of Amazon. As such, whether Twitch runs its own server stack or uses Amazon’s rack space is unclear.