Twitch, the online live-streaming service for gamers has notified all account holders that their email and password credentials may have been compromised in a recent security breach.
Twitch, the Amazon owned company said Monday that the company believes it has identified possible “unauthorized access to some Twitch user account information.” The company has provided limited details but did note that all users passwords have been reset and users whose accounts were connected to Twitter and YouTube to help automate and promote the live-streams have been disconnected as well.
In an email Twitch sent to all affected users, the company said email addresses, passwords, user names, home addresses, phone numbers and dates of birth may have been stolen in the Twitch breach. The company has yet to confirm the breach, but said they are currently investigating the possible hack.
Just last year the webs eCommerce giant, Amazon, acquired Twitch for a whopping $970 million, making it the most popular social video game platform for gamers today, allowing them to live stream content with friends, fans or just about anyone online. In February, the company boasted it had more than 100 million registered members with 1.5 million of them being broadcasters.
If the Twitch breach turns out to be true, it could be another name to add to the list of cyberattacks that have been plaguing big name companies since 2013. Such as the severe Target hack that left some 110 million customers data affected, or the attacks on P.F. Changs, Nieman Marcus, Home Depot, Michaels Arts and Crafts store, office supply chain Staples or the most recent devastating Anthem hack. The most notable of the breach last year fell in the hands of Sony, after hackers had breached the entire network, stealing films, emails, trade secrets and millions of other sensitive documents.
If hackers accessed data in the Twitch breach, cybercriminals could use the data in a set of phishing attacks. Such attacks are when hackers design a phony page geared at stealing your credentials. The attacker will compile a list of emails, send out a phony security notice claiming users need to change their password with the phony link. If you click on the imposter link the page will then ask for your username or email, old password and then a new password. Hackers will then steal the data input in the username and old password field and begin abusing or selling the account data.
Twitch said after the investigation is complete the company plans to provide additional information about the incident, while urging users to use a strong password for the time being.
Changing your password is the best bet and will help strengthen your Twitch account. If you had a Twitch account and reused the same password on any website, it’s highly recommended you change those as well. If passwords were accessed in the Twitch breach, hackers could abuse your email and password credentials on other sites as well, such as online banking sites, emails and other high-risk services.