Twich’s data leak
On October 6, the Twich platform was the victim of a cyber attack that caused what could be one of the largest data breaches in history. The hacker himself announced the incident, who, hidden from his anonymity, released a 125Gb torrent downloadable by anyone, with the caption
If Jeff Bezos paid 970 million for it, we give it away for free.
A Hollywood movie plot, but that’s all reality!
Let’s better understand what happened and what was stolen: a hacker managed to download 125 gigabytes of data relating to users of the Twich platform. Within the torrent, it is possible to find any type of data, in particular related to the monetary disbursements of the platform, the income of the streamers and, above all, relating to the source code of the platform. However, no user data, such as username and password, was shared, but it is not certain that they are not in the possession of the attacker. The anonymous user has in fact ordered to publish numerous other information; the actual amount of data in its possession is currently unknown.
The staff of Jeff Bezos, owner of Amazon who paid about a billion euros for the purchase of Twich, said they were working urgently to understand the full extent of the damage. In fact, if you know the source code of the platform, it is much easier to penetrate deeper and deeper into it, finding its weak points.
This is potentially one of the biggest data thefts ever. The size of the data leak must also put all those who have an account on the platform at attention: even if you do not use it by connecting it to your payment methods, it would still be advisable to change at least the password and activate two-factor authentication.
The documents relating to streamers make us better understand some data related to the amount of money that is now moved by this sector, data confirmed by the streamers themselves. 81 of them made more than a million dollars on the platform, while the CriticalRole game channel alone earned around 10 million dollars.
Twich had been criticized several times by both video creators and platform employees for the lack of attention to user safety. The streamers had even gone on strike days, requesting the platform a greater filter towards the haters that clog up the chats, even using special bots. Some employees of the cyber security department have instead stated that Twich does not always protect itself adequately with respect to the amount and type of data it has available.
We are waiting to understand the real dimensions of one of the most serious data leaks in history.