Twitch recently told its users to be prepared to change their passwords because there’s a possibility the Amazon-owned gaming streaming service has been hacked. Phone numbers and names are feared to have been leaked, but it is not certain how bad the situation is at this point.
Twitch said it deleted all passwords and disconnected all user accounts from Twitter and YouTube. The company also wanted to make it clear that passwords were encrypted prior to the hack, so users should know that Twitch was not careless.
During the aftermath, Twitch came under fire because it allowed users to replace their old passwords with weak passwords. Unlike several websites with a system in place that alert users if they are using a weak password, Twitch does not have this functionality.
We can’t understand for what reason why Twitch did not boost its security following the hack. Usually, when a company is compromised, it does whatever that needs to be done to secure its servers and make sure users are safe. Sony is a great example of a company falling to hackers and failing to take the necessary steps to make sure it becomes more difficult the second time around.
In response to this issue, Twitch sent an email to its over 55 million users with the following:
“We are writing to let you know that there may have been unauthorized access to some of your Twitch user account information, including possibly your Twitch username and associated email address, your password (which was cryptographically protected), the last IP address you logged in from, and any of the following if you provided it to us: first and last name, phone number, address, and date of birth.”
The company also claim it does not process or store full credit card information, so such things have not been compromised.
Twitch is the leading video game-centric streaming website. The company was acquired by Amazon last year for a cool $970 million.
Source: [Twitch]