Internet, Internet, where will hackers strike next? Round and round and round we go, where the security hole stops, no one kn- oh! Twitch! It’s Twitch! Streaming service Twitch has been hacked.
Twitch announced last night that “there may have been unauthorized access to some Twitch user account information”, so they’re resetting all logins and access for everyone. If you’re lucky, you only need to reset your password and change your streaming software settings. If unlucky, well, naughty folks may have your name, address, phone number, date of birth, and more.
Twitch have reset all passwords and stream keys, which are simple enough for you to change. If you still use the same password on multiple sites – for goodness sake’, don’t do this, use a password manager like KeePass or LastPass to generate unique, weird passwords – then you should also change your pass on every site sharing it.
As for the worst case scenario, Twitch sent this e-mail out to members:
We are writing to let you know that there may have been unauthorized access to some of your Twitch user account information, including possibly your Twitch username and associated email address, your password, the last IP address you logged in from, limited credit card information (card type, truncated card number and expiration date), and any of the following if you provided it to us: first and last name, phone number, address, and date of birth.
PLEASE NOTE: Twitch does not store or process full credit or debit card information, so your card number is safe.
While we store passwords in a cryptographically protected form, we believe it’s possible that your password could have been captured in clear text by malicious code when you logged into our site on March 3rd.
Sounds nasty, that.