It’s more than a week since the gaming and content streaming giant Twitch confirmed a data breach. Twitch, a popular streaming service used by gamers, again made the headlines as it was attacked, resulting in 125 GB of data leaks onto the 4Chan forum.
The leaked data comprises sensitive user data, including payments made to different content creators, unreleased gaming platforms, Twitch source code, and internal Red Team hacking tools.
Even though time has passed, it is still challenging to predict the damage being done. However, since the news broke out, Google searches for “How to delete Twitch” increased by 733%. It would be interesting to see if this attack will also impact the average earning of Twitch streamers. They earn $3000 to $5000 playing for 40 hours a week.
Interestingly, it is not the first time that Twitch has experienced an attack. In June 2020, Twitch’s IRC servers were attacked (IRC enables developers to create chat functionality in their platform). In this attack, the download was replaced by a version that was compromised by a trojan backdoor.
What Happened with the Twitch Data Breach?
On Oct 6th, Twitch confirmed that a threat actor successfully accessed data that was later exposed on the internet. It all happened because of a Twitch server configuration (AWS) error that anonymous third-party hackers accessed.
Gartner predicted that by 2025, 99% of cloud misconfiguration would be due to human error. Cloud misconfiguration is a big deal that you can’t ignore. A single incident can create significant security breaches with loss of revenue and customer trust.
It is still unknown how much data was accessed. The company says that its security teams are still working to understand how the data breach takes place.
As Twitch is still investigating, no large-scale reports of login credentials have been reported. To maintain customers’ security, users were asked to change their passwords and enable two-factor authentication. Twitch also reset all stream keys on its service.
Is There Any Further Risk of Data Leaks?
The recent attacks have raised serious concerns over Twitch’s security. Additionally, the leak has been labeled as part one, which means that more information is still to be released about the attack.
It’s assumed that hackers might expose the login passwords in part two of the data leak, and thus, users should change their passwords.
Details of Exposed Data
Various internal sources made shocking revelations about the company. They reported that Twitch values blazing fast speed more than user data security. This prioritization apparently opened the door to these data leaks. According to 4chan, the leaked data contains:
- Source code for a game named Vapeworld
- Data from every other source that Twitch owns
- Twitch’s internal red teaming tools that security teams use. Desktop, mobile, and video game consoles of Twitch clients.
- Twitch TV’s source code.
- Creator payout details from 2019.
- Proprietary SDKs and internal AWS services used by Twitch.
Previously, the popular streaming and gaming platform experienced hate raids in which the users had to fight off bots spamming their channels. Even streamers joined a group that created a hashtag on Twitter and named it #TwitchBetter to get the attention of concerned people.
How to Protect Twitch From Hacker Attacks In the Future?
The best possible way to combat such cloud misconfiguration attacks is to follow a predefined strategy. The security leaders working in the cloud need to take responsibility and develop solid planning to ensure a robust cybersecurity culture. Some of the most prominent preventive measures are as follows:
- The sensitive data should be known and accessed only by people who need it.
- Use encryption to protect your data from getting into the wrong hands.
- Perform audits at regular intervals to give you an idea about any misconfiguration taking place.
- Implement the principle of least privilege to limit insider attack risks and reduce compromised accounts’ impact.
- Enhance your cloud infrastructure by designing new policies. Ensure that all staff members are well aware of these policies.
- Store credentials separately from the source code. Also, audit repositories to detect, remove and refresh them.
- Protect users’ credentials and access keys with multi-factor authentication, password protection methods, or cloud storage.
For more effective results, integrate the human-controlled methods with cloud automation methods. By combining both of these methods, you can reduce cloud security risks.
Choose the Right Security Solutions
Although maintaining robust security has become a daunting task, organizations can to prevent misconfiguration as a part of the CI process. With a tagline of automatically managing your cloud security, you can confidently keep your digital security up to date at all times.
For those who use AWS, as Twitch does, there are cloud security solutions that can prevent security breaches from occurring. With Solvo, your AWS security posture is audited continuously and alerts for any potential threat or vulnerability. Protecting your cloud assets automatically has never been easier.
If you would like to learn more on how Solvo ensures cloud security, check it out for yourself: Solvo’s SecurityGenie can show you where your gaps are, which roles and policies put you at risk. It’s free, quick and easy!