Twitch has finally confirmed that passwords weren’t exposed in last week’s major data breach. The company said that after investigating the incident which befell its system that Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank details.
The streaming service made this confirmation on its webpage during the week saying categorically that “Twitch passwords have not been exposed,” it added that “We are also confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank information.”
Recalled that last week there was a report that the company experienced a major data breach where its source code we’re leaked online. It was later confirmed by the company who said that exposed data primarily contained documents from Twitch’s source code repository, as well as a subset of creator payout data.
Twitch has shared an update on last week’s big breach. It said that neither passwords nor bank details were exposed.
The company then claimed that the information exposed only affected a small fraction of users, and the customer impact is minimal. Twitch however said it is following up directly with those who were affected.
This isn’t the first time that Twitch will be experiencing a security issue.
There was an unreported security problem that took place in 2017 and also another massive hack that happened in 2014. The company has though apologized for the issue and wrote that “We have taken steps to further secure our service”.