According to the statements made by the company’s former employees to The Verge, the latest hacking event was inevitable due to Twitch’s poor security methods. 125 GB of data, seized by a hacker and leaked to the internet, included Twitch’s confidential documents, future plans and payment information to broadcasters.
The person who claimed and shared the attack described the Twitch community as “toxic”. Such a serious violation actually seemed very unlikely to some. This past August, streamers’ exposure to uncontrollable hate speech spam erupted on Twitch.
Streamers exposed to hate spam have come together to draw attention to this issue with the hashtag #twitchdobetter.
Streamers staged a strike on September 1 to encourage Twitch to take security measures to stem the tide of hate.
Twitch responded to the complaints of the publishers on this event; Asking them to be patient, he promised to work on tools to help better protect publishers and their communities.
But hate spam didn’t suddenly appear this summer. According to a former Twitch employee, the event in August started long before it exploded.
A source who worked at Twitch between 2017 and 2019, who did not want to be named, said that employees were concerned about security, but management did not worry enough. Management wasn’t responding quickly enough to this displeasure at Twitch.
Another source says that Twitch actually encounters security issues on a regular basis, but prefers not to disclose them. According to the source, a security issue also occurred in 2017, the platform faced new risks, but this issue was not announced.
Scammers are allegedly able to contact streamers requesting revenue sharing from their Twitch Prime subscriptions.
The source claims that this led to Twitch accounts being linked to compromised Amazon accounts, and states that because of this leak, attackers can now see shortcuts and APIs for internal Amazon services.
As Amazon Prime Gaming generates revenue for publishers through subscriptions, the source warns that this could be a new attack vector for hackers looking to make money.
All this suggests that something similar to the configuration error that occurred this week seems inevitable.
Twitch also experienced a security issue in 2015 where unauthorized access to some accounts was detected. This new breach exposed massive amounts of data on the internet, leaving Twitch no choice but to admit it. Twitch is now struggling to find out exactly how much data was stolen in this hack.
Sources: The Verge, NTV
32427
