- 2021 Twitch breach exposed sensitive data on thousands of users
- An investigation by the Turkish data protection watchdog concluded the company was to blame
- Twitch has to pay $58,000
Türkiye has fined Amazon $58,000 for the Twitch data breach in 2021 which affected thousands of Turkish nationals.
An anonymous hacker leaked the entirety of popular video game live streaming service Twitch, including its source code and personally identifiable information (PII) of its users. The leaked data was rolled into a 125 GB torrent, and its link was posted to the popular 4chan imageboard.
Since the breach was said to have affected Turkish citizens, the country’s Personal Data Protection Board (KVKK) opened up an investigation soon after the attack. In total, 35,274 Turkish nationals were affected, so KVKK imposed a 1.75 million lira fine for inadequate security and 250,000 lira for failing to report the breach.
Lumma and AMOS
The results of the investigation showed that the company, which was acquired by Amazon back in 2014 for $970 million in cash, “failed to take adequate security measures beforehand, addressing the issue only afterward.” What’s more, KVKK concluded that the company’s risk and threat assessment were “insufficient.”
At press time, Twitch was not commenting on the incident, however it did, at the time, downplay the importance of the breach, saying the attackers didn’t get their hands on the login credentials of users, suggesting that the threat was somewhat limited.
“Twitch passwords have not been exposed. We are also confident that systems that store Twitch login credentials, which are hashed with bcrypt, were not accessed, nor were full credit card numbers or ACH / bank information,” Twitch said.
At the time, it was reported the hacker wasn’t pleased with the community that had built around the service. and leaked the data in a bid to “foster more disruption and competition in the online video streaming space.”
Soon afterward, Twitch confirmed the breach, saying its team was “working with urgency” to understand the extent of the incident.
Via Reuters
You might also like
- Here’s a list of the best firewalls today
- These are the best endpoint protection tools right now
- AnnieMac says thousands of customers have had data stolen in breach