Twitch Hack — The Latest Devastating Data Breach

Header

Author: Trend Micro

October 13, 2021

Source: BleepingComputer

This article is fromTrend Micro.

At the end of September we reported on the increasingly frequent phenomenon of damaging data breaches hitting the headlines — and the danger they pose to citizens affected. Now, another huge one has occurred, this time targeting the Amazon-owned streaming company, Twitch.

Yesterday (6th October), an anonymous hacker released a huge cache of propriety data, totaling 125GB of data and including a Twitch payout list. As seen above, the hacker posted on 4chan: “Jeff Bezos paid $970 million for this, we’re giving it away FOR FREE.” Interestingly, the leaks are labelled “part one” — meaning there may be more to come. Twitch confirmed the hack later in the day.

The data includes:

  • Twitch’s source code (which can be used to further penetrate its systems);
  • information on Twitch’s mobile, desktop, and game console clients;
  • information on Amazon-owned properties including Vapor;
  • internal security tools;
  • and information on streamers’ revenues, including figures for the highest earners — among them CriticalRole, Canadian xQC, and American Summit1g.

The leak does not appear to contain streamers’ or users’ personal information, but the damage appears extensive and has sent users reeling. Twitch has instructed users to secure financial information, and of course, change their password. It is another reminder of the dire need for serious protection of our online data. 

Trend Micro ID Security

As we stated in our September data breach article, Trend Micro, a leading cybersecurity company, have an app specifically designed to meet the challenges that data breaches bring.

Available on Android and iOS, ID Security scours the dark web for any mention of your data (email address, passwords, codes etc.) in the event of it being sold or maliciously shared by cybercriminals. Its key features include:

·         Dark Web Personal Data Manager: Scours the dark web for data such as bank account numbers, driver’s license numbers, passport numbers, and social security numbers.

·         Credit Card Checker: Find out if someone has acquired your credit card number and put it on the dark web.

·         Email Checker: Find out if any of your email addresses have been leaked to the dark web. You’ll be notified which exact account it is — so you can take the appropriate counter-measures.

·         Password Checker: ID Security will notify you if you’re using a password currently in circulation on the dark web.

·         Social Media Account Checker: Find out if your Facebook and Twitter Account have been breached and shared on the dark web.

·         A Comprehensive Monitoring Report

Simple, efficient and easy-to-use, follow this link or scan the QR code below to try the free 30-day trial version today! If this article has been of use and/or interest to you, please do share it with family and friends.

Report a Scam!

Have you fallen for a hoax, bought a fake product? Report the site and warn others!

Help & Info

Top Safety Picks

Your Go-To Tools for Online Safety
Disclaimer: Some of the links here are affiliate links. If you click them and make a purchase, we may earn a commission at no extra cost to you.

  1. ScamAdviser App : That site looks legit. That's exactly how they get you. Modern scams are frighteningly convincing. ScamAdviser scans sites and blocks fraud calls automatically. Free on iOS & Android.
  2. NordVPN : NordVPN delivers powerful, seamless protection for your online life - whether you're at home, on public Wi-Fi, or traveling abroad. Recognized as one of the fastest VPN services available, it combines lightning-fast speeds with advanced encryption to keep
  3. Incogni : Incogni automatically removes your personal data from data brokers that trade in personal information online, helping reduce scam and identity theft risks without the hassle of manual opt-outs. Reclaim your privacy now!
  4. Private Internet Access (PIA) : PIA gives you a no-logs VPN built on the latest encryption standards and WireGuard protocol — meaning your browsing activity stays yours alone. Fast, private, and transparent. Take back your privacy today!
  5. Surfshark VPN : One subscription, unlimited devices. Surfshark is the fastest VPN out there — covering your phone, laptop, tablet and more with a stable, secure connection for browsing, streaming and working. Get Surfshark now!
  6. Proton VPN : Independently audited and built with a strict no-logs policy, Proton VPN is trusted by over 3 million users worldwide. It’s been named Best VPN by Wired, PCMag, and Vice—offering strong encryption for anyone who takes their privacy seriously. Give Proton

Popular Stories

In a nutshell: A good VPN protects your privacy with strong encryption, a strict no-logs policy, and fast protocols like WireGuard. The best VPNs also offer wide server coverage, leak protection, and easy-to-use apps for all devices. For 2025, the top providers are NordVPN, ExpressVPN, Surfshark, Proton VPN, Private Internet Access, CyberGhost, and Mullvad—each excelling in speed, security, or value. In an age where every click is tracked, a Virtual Private Network (VPN) is no longer just a luxury—it's an essential tool for digital privacy and security. A VPN works by creating a secure, encrypted tunnel between your device and the internet, masking your real IP address and protecting your sensitive data from prying eyes. But with hundreds of providers out there, how do you sort the secure from the suspect? This guide breaks down the non-negotiable features of a quality VPN and highlights the 7 top-rated services for 2025. What to Look for in a Good VPN: The 4 Non-Negotiable Pillars 1. Ironclad Security Features Strong Encryption: AES-256, the gold standard. Secure Protocols: OpenVPN, WireGuard, NordLynx, Lightway. Avoid PPTP. Kill Switch: Ensures no accidental IP leaks. Leak Protection: Covers DNS, IPv6, and WebRTC. 2. Verified Privacy Practices No-Logs Policy: No activity or metadata tracking. Independent Audits: Verification by third parties. Safe Jurisdiction: Prefer countries outside the 5/9/14 Eyes alliances. 3. High-Speed Performance Fast Protocols: WireGuard and equivalents. Large Server Network: Less crowding, more reliable speeds. 4. Essential Usability Features Multi-Device Apps: Windows, Mac, iOS, Android, routers. Simultaneous Connections: One account, many devices. Unblocking Power: Netflix, Hulu, BBC

This article has been updated by Jamie James on June 9 with the latest data and analysis we have found using real user reports and experiences submitted to ScamAdviser. Just received that terrifying notification? Or perhaps you've noticed suspicious activity in your accounts? Take a deep breath. Your email, password, phone number, home address, payment details, or identity documents may now be in places you cannot control. But the next steps do not have to be confusing. What matters most is how quickly you act, order, and know which exposed data creates the biggest risk. This guide explains what to do after a data breach, how to check the damage, and how to protect yourself from identity theft, account takeover, and follow-up scams. Quick Summary Verify the data breach notice through the company’s official website before clicking any links. Secure your primary email account first because it controls many password resets. Change the exposed password and every reused or similar password. Enable multi-factor authentication on email, banking, payment, cloud, and social accounts. Contact your bank or card issuer if payment or bank account details were exposed. Freeze or protect your credit if sensitive identity information was compromised. Watch for phishing messages, fake refund offers, and scam websites that use your leaked details. Starting with Data Breach Numbers The numbers don't lie: according to a 2024 report, the number of data breach victim notices has grown by a staggering 211% year-over-year. This isn't just a distant threat; it's a stark reality many individuals fa