PSA: Twitch Suffers Security Breach, Change Your Passwords
Update (4:55 p.m. Eastern): Twitch is alerting some users about the manner of the data breach. If you have a Twitch account, you should be aware of this information.
VentureBeat has secured a copy of the email being sent by Twitch to users it has determined are affected by the breach. Included in the compromised data is IP at last login, date of birth, and limited card information (including expiration date, card type, and truncated number). Personal information provided to Twitch, including date of birth if you opted to include it, has also been compromised.
While Twitch says that only some users were affected, we recommend that readers be vigilant and monitor accounts for suspicious activity. You can read the entire communication from Twitch to affected users on VentureBeat.
Twitch has issued a bulletin to users regarding a recent security breach. In response, the streaming service has expired all login information (including passwords and stream keys). The company has also disconnected all accounts from Twitter and YouTube.
Users will need to create a new password at their next login and then reconnect all apps and services that were disconnected for security purposes. Twitch also recommends that users change their passwords on other sites if the passwords are same.
Twitch says that unauthorized access is limited to some user accounts. The company will be communicating privately with those whose information was compromised.
We reached out to Twitch to inquire if personal and/or payment information was stolen in the breach. A representative declined to provide additional detail, referring us back to the company’s prepared statement.