Twitch’s whole database was stolen and published onto the internet earlier this month. However, it appears that passwords were not included.
At least, that’s what Twitch claims. In the midst of the massive theft, the streaming site provided an update on Friday, stating that the hackers did not gain access to user passwords, credit cards, or banking information. That was pretty much the only thing left out since everything from Twitch’s whole source code to compensation reports for the top Twitch creators from 2019 to the present was made public.
Twitch did indicate that the data that got out there affected a “small fraction” of users and that those persons will be contacted immediately.
You could be forgiven for thinking to yourself, “whew, I’m alright!” but it would be a short-sighted perspective. Sure, your Twitch information was not compromised this time, but it doesn’t rule out the possibility that it may be in the future. Allow us to serve as a gentle reminder to 1) change your password anyway, and 2) set up two-factor authentication on every website where you keep any kind of personal information. Twitch offers a helpful support page that explains how to do it.
If you’re unfamiliar with two-factor authentication, it’s the simplest method to protect yourself against attacks like this. Instead of just inputting a username and password, it requires two steps to log into an account, as the name implies. This is usually accomplished by texting a one-time use login code to your phone or by utilizing an authentication app. It only takes a few seconds to log in and can act as a stumbling block for malicious hackers.
Again, you were most likely unaffected by Twitch’s demise a few weeks ago. However, if you take this simple step now, you will be protected from being affected in the future.