fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Massive Twitch Hack: Source Code And Payment Reports Leaked

Massive Twitch Hack: Source Code And Payment Reports Leaked

Twitch source code and streamers’ and users’ sensitive information were allegedly leaked online by an anonymous user on the 4chan imageboard.

The leaker shared a torrent link leading to a 125GB archive containing data allegedly stolen from roughly 6,000 internal Twitch Git repositories.

“Their community is also a disgusting toxic cesspool, so to foster more disruption and competition in the online video streaming space, we have completely pwned them, and in part one, are releasing the source code from almost 6,000 internal Git repositories,” the post reads.

Also Read: IT Equipment Disposal Singapore and Recycle Services

According to the anonymous 4chan user, the leaked Twitch data contains:

  • The entirety of twitch.tv, with commit history going back to its early beginnings
  • Mobile, desktop, and video game console Twitch clients
  • Various proprietary SDKs and internal AWS services used by Twitch
  • Every other property that Twitch owns, including IGDB and CurseForge
  • An unreleased Steam competitor from Amazon Game Studios
  • Twitch SOC internal red teaming tools (lol)
  • Creator payout reports from 2019 until now.
Twitch leak
Image: BleepingComputer

The anonymous poster named his thread “twitch leaks part one,” which hints at further stolen Twitch data likely being leaked in the future.

BleepingComputer downloaded a portion of the leaked data and can confirm that it looks authentic and matches what was disclosed by the hacker.

Twitch source code and data leak
Twitch source code and data leak
Image: BleepingComputer

The leak was likely a direct reply to Twitch’s lack of response and effective tools to fend off  hate raids targeting streamers in August, given that the anonymous leaker also used the #DoBetterTwitch hashtag.

This hashtag was used on Twitter by streamers who shared how their Twitch stream chats were being flooded with harrassment bots.

Twitch eventually acknowledged the issue and said it will launch account verification and channel-level ban evasion detection tools later this year.

Also Read: Management Training PDF for Effective Managers and Leaders

“Thank you to everyone who shared these difficult experiences. We were able to identify a vulnerability in our proactive filters, and have rolled out an update to close this gap and better detect hate speech in chat.,” the company said.

A Twitch spokesperson confirmed over email that “a breach has taken place” after this article was published.

Update: Added more info regarding the hackers’ motivation. 

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us