Twitch hack: Platform accused of regularly neglecting security warnings

Following this week’s major Twitch data breach, several former employees have accused the company of having a history of neglecting security and safety issues.

On Wednesday, an anonymous hacker claimed to have leaked the entirety of Twitch, including its source code and information on how much money the company has paid to streamers since August 2019.

The Amazon-owned company has since confirmed that “a breach has taken place” and that it’s working to understand the extent of the leak.

Speaking to The Verge, several former Twitch employees claimed the company didn’t do enough to tackle security and safety warnings.

One source claimed Twitch had regularly opted not to disclose security issues, including one in 2017 which enabled scam artists to contact streamers and resulted in Twitch accounts being linked to compromised Amazon ones.

Another source claimed employees often raised concerns about safety, including the potential for Raids to be used in an abusive way prior to the feature’s launch, but that Twitch failed to sufficiently heed these warnings as it was more concerned with quickly launching the system.

“There would be constant questions and discontent about the regular moderation failures,” the source claimed, adding that management would respond to concerns “very slowly.”

Related

77

The entirety of Twitch has reportedly been leaked

Source codes and user payouts among the data released in a 128GB torrent

In a bid to combat hate raids, last week Twitch updated its moderation tools to enable streamers to restrict chat to people who have verified their account by tying it to a phone number, while also expanding the settings for email verification.

Twitch said on Thursday that there’s “no indication” that login details were exposed in Wednesday’s data leak, and that credit card information wasn’t taken. It also reset every user’s primary stream key “out of an abundance of caution”.