Twitch has issued a statement, which we invite you to read calmly, which contains important information on the attack suffered a couple of days ago and on what the streamers of the service should do now.
We thus learn that the data leak occurred due to an error in a Twitch server configuration change , which was subsequently accessed by a malicious third party. It seems incredible that routine activities can lead to such dire consequences, but that's what happened to Facebook just a few days ago.
At the moment there is no indication that login credentials have been exposed , but investigations are still ongoing, so things could always change.
For “plenty of caution”, all streaming keys have been reset . To get a new one just visit this link, and in most cases this will be enough.
- Users Twitch Studio, Streamlabs , Xbox, PlayStation and the Twitch mobile app don't need to do anything.
- OBS users who not have linked their Twitch account to OBS will need to manually copy the new stream key from the Twitch Dashboard to OBS.
- More or less the same reasoning applies to all other services: if they weren't directly connected to Twitch, you'll have to update the key somehow.
We reiterate that the investigations are far from concluded but that using the service at the moment should not pose any risk. Regarding the amount of stolen data and their possible uses, the discussion is far from closed.